0x0, 0x8}, {0x2, 0x46, 0x2, 0x3}, {0x7, 0x80, 0x5, 0x6f34d89e}, {0x80, 0x5, 0x3, 0x3f}, {0x808, 0x4, 0x5, 0xd3b1}, {0x6, 0x9, 0x48}, {0x4, 0x80, 0x0, 0x4}, {0x2, 0x81, 0x7f, 0x6}, {0x0, 0x40, 0x2, 0x5}]})

14:32:08 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, &(0x7f0000000040)={@multicast1, @remote})

[ 1278.927787][   T23] audit: type=1326 audit(1669991528.379:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23709 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30e4d840d9 code=0x0
[ 1278.961842][T23712] FAULT_INJECTION: forcing a failure.
[ 1278.961842][T23712] name failslab, interval 1, probability 0, space 0, times 0
[ 1278.962405][   T23] audit: type=1326 audit(1669991528.409:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23715 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1278.999651][T23712] CPU: 1 PID: 23712 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1279.009984][T23712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1279.020020][T23712] Call Trace:
[ 1279.023290][T23712]  dump_stack_lvl+0x1e2/0x24b
[ 1279.027948][T23712]  ? panic+0x7d7/0x7d7
[ 1279.031994][T23712]  ? blk_mq_alloc_tag_set+0x3eb/0xd40
[ 1279.037343][T23712]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1279.042780][T23712]  ? ____kasan_kmalloc+0xf3/0x110
[ 1279.047781][T23712]  ? __kasan_kmalloc+0x9/0x10
[ 1279.052432][T23712]  ? __kmalloc+0x1f7/0x360
[ 1279.056825][T23712]  ? blk_mq_alloc_tag_set+0x3eb/0xd40
[ 1279.062173][T23712]  ? loop_control_ioctl+0x564/0x740
[ 1279.067348][T23712]  ? __se_sys_ioctl+0x115/0x190
[ 1279.072176][T23712]  ? __x64_sys_ioctl+0x7b/0x90
[ 1279.076917][T23712]  dump_stack+0x15/0x17
[ 1279.081053][T23712]  should_fail+0x3c0/0x510
[ 1279.085451][T23712]  ? blk_mq_init_tags+0x73/0x410
[ 1279.090371][T23712]  __should_failslab+0x9f/0xe0
[ 1279.095122][T23712]  should_failslab+0x9/0x20
[ 1279.099601][T23712]  kmem_cache_alloc_trace+0x3a/0x330
[ 1279.104866][T23712]  ? find_next_bit+0xf5/0x120
[ 1279.109524][T23712]  blk_mq_init_tags+0x73/0x410
[ 1279.114266][T23712]  blk_mq_alloc_rq_map+0x7e/0x190
[ 1279.119268][T23712]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1279.125224][T23712]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1279.130404][T23712]  loop_add+0x241/0x760
[ 1279.134538][T23712]  loop_control_ioctl+0x564/0x740
[ 1279.139540][T23712]  ? loop_remove+0xb0/0xb0
[ 1279.143933][T23712]  ? __fget_files+0x310/0x370
[ 1279.148596][T23712]  ? security_file_ioctl+0xb1/0xd0
[ 1279.153685][T23712]  ? loop_remove+0xb0/0xb0
[ 1279.158080][T23712]  __se_sys_ioctl+0x115/0x190
[ 1279.162743][T23712]  __x64_sys_ioctl+0x7b/0x90
[ 1279.167312][T23712]  do_syscall_64+0x34/0x70
[ 1279.171704][T23712]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1279.177571][T23712] RIP: 0033:0x7f77b238e0d9
[ 1279.181965][T23712] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1279.201544][T23712] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1279.209936][T23712] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1279.217886][T23712] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
14:32:08 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x9, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:08 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x137}]}) (async)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x8, 0x20, 0x2, 0xfff, {{0xa, 0x4, 0x1, 0x37, 0x28, 0x64, 0x0, 0x2, 0x29, 0x0, @private=0xa010101, @rand_addr=0x64010102, {[@noop, @generic={0x89, 0x8, "09823ff1dac0"}, @generic={0x88, 0x8, "15d048b82a08"}]}}}}})
clock_gettime(0x4, &(0x7f0000000100)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x9, &(0x7f0000000200)=[{0xfffd, 0x81, 0x0, 0x8}, {0x2, 0x46, 0x2, 0x3}, {0x7, 0x80, 0x5, 0x6f34d89e}, {0x80, 0x5, 0x3, 0x3f}, {0x808, 0x4, 0x5, 0xd3b1}, {0x6, 0x9, 0x48}, {0x4, 0x80, 0x0, 0x4}, {0x2, 0x81, 0x7f, 0x6}, {0x0, 0x40, 0x2, 0x5}]})

[ 1279.225833][T23712] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1279.233780][T23712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1279.241730][T23712] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1279.250051][T23712] blk-mq: reduced tag depth (128 -> 64)
14:32:08 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xa, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:08 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x137}]}) (async)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x8, 0x20, 0x2, 0xfff, {{0xa, 0x4, 0x1, 0x37, 0x28, 0x64, 0x0, 0x2, 0x29, 0x0, @private=0xa010101, @rand_addr=0x64010102, {[@noop, @generic={0x89, 0x8, "09823ff1dac0"}, @generic={0x88, 0x8, "15d048b82a08"}]}}}}}) (async, rerun: 64)
clock_gettime(0x4, &(0x7f0000000100)) (rerun: 64)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x9, &(0x7f0000000200)=[{0xfffd, 0x81, 0x0, 0x8}, {0x2, 0x46, 0x2, 0x3}, {0x7, 0x80, 0x5, 0x6f34d89e}, {0x80, 0x5, 0x3, 0x3f}, {0x808, 0x4, 0x5, 0xd3b1}, {0x6, 0x9, 0x48}, {0x4, 0x80, 0x0, 0x4}, {0x2, 0x81, 0x7f, 0x6}, {0x0, 0x40, 0x2, 0x5}]})

[ 1279.258275][   T23] audit: type=1326 audit(1669991528.709:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23718 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1279.282192][   T23] audit: type=1326 audit(1669991528.729:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23718 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
14:32:08 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xb, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:08 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 5)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1279.322281][T25449] udevd[25449]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1279.339768][T23736] FAULT_INJECTION: forcing a failure.
[ 1279.339768][T23736] name failslab, interval 1, probability 0, space 0, times 0
[ 1279.352537][T23736] CPU: 1 PID: 23736 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1279.362836][T23736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1279.372868][T23736] Call Trace:
[ 1279.376135][T23736]  dump_stack_lvl+0x1e2/0x24b
[ 1279.380796][T23736]  ? panic+0x7d7/0x7d7
[ 1279.384846][T23736]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1279.390296][T23736]  dump_stack+0x15/0x17
[ 1279.394455][T23736]  should_fail+0x3c0/0x510
[ 1279.398855][T23736]  ? sbitmap_queue_init_node+0x163/0x1060
[ 1279.404547][T23736]  __should_failslab+0x9f/0xe0
[ 1279.409384][T23736]  should_failslab+0x9/0x20
[ 1279.413871][T23736]  __kmalloc+0x60/0x360
[ 1279.418006][T23736]  sbitmap_queue_init_node+0x163/0x1060
[ 1279.423527][T23736]  blk_mq_init_tags+0x165/0x410
[ 1279.428384][T23736]  blk_mq_alloc_rq_map+0x7e/0x190
[ 1279.433381][T23736]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1279.439339][T23736]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1279.444514][T23736]  loop_add+0x241/0x760
[ 1279.448652][T23736]  loop_control_ioctl+0x564/0x740
[ 1279.453647][T23736]  ? loop_remove+0xb0/0xb0
[ 1279.458038][T23736]  ? __fget_files+0x310/0x370
[ 1279.462691][T23736]  ? security_file_ioctl+0xb1/0xd0
[ 1279.467777][T23736]  ? loop_remove+0xb0/0xb0
[ 1279.472167][T23736]  __se_sys_ioctl+0x115/0x190
[ 1279.476819][T23736]  __x64_sys_ioctl+0x7b/0x90
[ 1279.481386][T23736]  do_syscall_64+0x34/0x70
[ 1279.485790][T23736]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1279.491665][T23736] RIP: 0033:0x7f77b238e0d9
[ 1279.496062][T23736] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1279.515658][T23736] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1279.524050][T23736] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1279.532007][T23736] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1279.540073][T23736] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1279.548034][T23736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1279.555982][T23736] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1279.564979][T23736] blk-mq: reduced tag depth (128 -> 64)
[ 1279.617627][ T1453] udevd[1453]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:09 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r0=>0x0, 0x29, 0x7, 0x7f, 0x6, 0x21, @ipv4={'\x00', '\xff\xff', @multicast2}, @empty, 0x8000, 0x8, 0xffff, 0x5}}) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0) (async)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, 0x0)
connect$bt_sco(r3, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r4 = syz_open_dev$vcsu(&(0x7f0000000300), 0x7fffffffffffffff, 0x440e02)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x2, &(0x7f0000000040)=@raw=[@btf_id={0x18, 0x2, 0x3, 0x0, 0x2}], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x82, &(0x7f0000000100)=""/130, 0x41100, 0x14, '\x00', r0, 0x0, r1, 0x8, &(0x7f0000000280)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0xe, 0x2, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000340)=[r2, r3, r4]}, 0x80)

14:32:09 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xc, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:09 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, &(0x7f0000000040)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x12, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x1f, 0x6, 0x1f, 0x8}, {0x6, 0xf9, 0x8, 0x505217d6}, {0x8, 0x7e, 0x9, 0x1000}]})

14:32:09 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 6)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:09 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r1 = syz_open_dev$vcsu(0x0, 0x0, 0x8002)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r1})

[ 1279.798921][   T23] audit: type=1326 audit(1669991529.249:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23743 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1279.831063][   T23] audit: type=1326 audit(1669991529.279:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23744 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30e4d840d9 code=0x0
[ 1279.832896][T23755] FAULT_INJECTION: forcing a failure.
[ 1279.832896][T23755] name failslab, interval 1, probability 0, space 0, times 0
[ 1279.865532][   T23] audit: type=1326 audit(1669991529.279:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23747 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1279.870384][T23755] CPU: 0 PID: 23755 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1279.901075][T23755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1279.911125][T23755] Call Trace:
[ 1279.914513][T23755]  dump_stack_lvl+0x1e2/0x24b
[ 1279.919191][T23755]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1279.924647][T23755]  ? find_next_bit+0xd6/0x120
[ 1279.929316][T23755]  ? cpumask_next+0x11/0x30
[ 1279.933814][T23755]  dump_stack+0x15/0x17
[ 1279.937963][T23755]  should_fail+0x3c0/0x510
[ 1279.942369][T23755]  ? sbitmap_queue_init_node+0x72c/0x1060
[ 1279.948082][T23755]  __should_failslab+0x9f/0xe0
[ 1279.952858][T23755]  should_failslab+0x9/0x20
[ 1279.957370][T23755]  kmem_cache_alloc_trace+0x3a/0x330
[ 1279.962647][T23755]  ? find_next_bit+0xd6/0x120
[ 1279.967320][T23755]  ? cpumask_next+0x11/0x30
[ 1279.971827][T23755]  sbitmap_queue_init_node+0x72c/0x1060
[ 1279.977367][T23755]  blk_mq_init_tags+0x165/0x410
[ 1279.982209][T23755]  blk_mq_alloc_rq_map+0x7e/0x190
[ 1279.987228][T23755]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1279.993205][T23755]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1279.998398][T23755]  loop_add+0x241/0x760
[ 1280.002561][T23755]  loop_control_ioctl+0x564/0x740
[ 1280.007577][T23755]  ? loop_remove+0xb0/0xb0
[ 1280.011987][T23755]  ? __fget_files+0x310/0x370
[ 1280.016657][T23755]  ? security_file_ioctl+0xb1/0xd0
[ 1280.021759][T23755]  ? loop_remove+0xb0/0xb0
[ 1280.026169][T23755]  __se_sys_ioctl+0x115/0x190
[ 1280.030875][T23755]  __x64_sys_ioctl+0x7b/0x90
[ 1280.035458][T23755]  do_syscall_64+0x34/0x70
[ 1280.039869][T23755]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1280.045754][T23755] RIP: 0033:0x7f77b238e0d9
[ 1280.050166][T23755] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1280.069765][T23755] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1280.078178][T23755] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1280.086146][T23755] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1280.094112][T23755] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1280.102081][T23755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1280.110052][T23755] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1280.120626][T23755] blk-mq: reduced tag depth (128 -> 64)
14:32:11 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, &(0x7f0000000040)={@multicast1, @remote})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, &(0x7f0000000040)={@multicast1, @remote}) (async)

14:32:11 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000140)=[{0x5d0, 0x2}, {0x4, 0xc8, 0x1, 0x400}]})
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000000100))

14:32:11 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xd, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:11 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, &(0x7f0000000040)}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x12, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x1f, 0x6, 0x1f, 0x8}, {0x6, 0xf9, 0x8, 0x505217d6}, {0x8, 0x7e, 0x9, 0x1000}]})

14:32:11 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 7)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:11 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r1 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r1})

[ 1281.969218][T23767] FAULT_INJECTION: forcing a failure.
[ 1281.969218][T23767] name failslab, interval 1, probability 0, space 0, times 0
[ 1281.982206][T23767] CPU: 0 PID: 23767 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1281.992534][T23767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1282.002576][T23767] Call Trace:
[ 1282.005848][T23767]  dump_stack_lvl+0x1e2/0x24b
[ 1282.010506][T23767]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1282.015943][T23767]  ? find_next_bit+0xd6/0x120
[ 1282.020598][T23767]  ? cpumask_next+0x11/0x30
[ 1282.025078][T23767]  dump_stack+0x15/0x17
[ 1282.029209][T23767]  should_fail+0x3c0/0x510
[ 1282.033627][T23767]  ? sbitmap_queue_init_node+0x72c/0x1060
[ 1282.039322][T23767]  __should_failslab+0x9f/0xe0
[ 1282.044063][T23767]  should_failslab+0x9/0x20
[ 1282.048544][T23767]  kmem_cache_alloc_trace+0x3a/0x330
[ 1282.053806][T23767]  sbitmap_queue_init_node+0x72c/0x1060
[ 1282.059344][T23767]  blk_mq_init_tags+0x1dc/0x410
[ 1282.064184][T23767]  blk_mq_alloc_rq_map+0x7e/0x190
[ 1282.069188][T23767]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1282.075146][T23767]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1282.080323][T23767]  loop_add+0x241/0x760
[ 1282.084470][T23767]  loop_control_ioctl+0x564/0x740
[ 1282.089476][T23767]  ? loop_remove+0xb0/0xb0
[ 1282.093871][T23767]  ? __fget_files+0x310/0x370
[ 1282.098525][T23767]  ? security_file_ioctl+0xb1/0xd0
[ 1282.103613][T23767]  ? loop_remove+0xb0/0xb0
[ 1282.108010][T23767]  __se_sys_ioctl+0x115/0x190
[ 1282.112669][T23767]  __x64_sys_ioctl+0x7b/0x90
[ 1282.117236][T23767]  do_syscall_64+0x34/0x70
[ 1282.121631][T23767]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1282.127498][T23767] RIP: 0033:0x7f77b238e0d9
[ 1282.131895][T23767] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1282.151569][T23767] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1282.159962][T23767] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:11 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xe, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:11 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000140)=[{0x5d0, 0x2}, {0x4, 0xc8, 0x1, 0x400}]}) (async)
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
socket$bt_rfcomm(0x1f, 0x1, 0x3) (async)
ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000000100))

14:32:11 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xf, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:11 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000140)=[{0x5d0, 0x2}, {0x4, 0xc8, 0x1, 0x400}]})
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000000100))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x2, &(0x7f0000000140)=[{0x5d0, 0x2}, {0x4, 0xc8, 0x1, 0x400}]}) (async)
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
socket$bt_rfcomm(0x1f, 0x1, 0x3) (async)
ioctl$RTC_EPOCH_READ(0xffffffffffffffff, 0x8008700d, &(0x7f0000000100)) (async)

[ 1282.167912][T23767] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1282.175862][T23767] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1282.183811][T23767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1282.191762][T23767] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1282.202889][T23767] blk-mq: reduced tag depth (128 -> 64)
14:32:11 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x10, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:11 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 8)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1282.228089][T25449] udevd[25449]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1282.261498][T23789] FAULT_INJECTION: forcing a failure.
[ 1282.261498][T23789] name failslab, interval 1, probability 0, space 0, times 0
[ 1282.274379][T23789] CPU: 0 PID: 23789 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1282.284708][T23789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1282.294761][T23789] Call Trace:
[ 1282.298048][T23789]  dump_stack_lvl+0x1e2/0x24b
[ 1282.302707][T23789]  ? panic+0x7d7/0x7d7
[ 1282.306756][T23789]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1282.312194][T23789]  ? __kasan_kmalloc+0x9/0x10
[ 1282.316848][T23789]  ? kmem_cache_alloc_trace+0x1dd/0x330
[ 1282.322370][T23789]  dump_stack+0x15/0x17
[ 1282.326505][T23789]  should_fail+0x3c0/0x510
[ 1282.330904][T23789]  ? blk_mq_alloc_rq_map+0xa2/0x190
[ 1282.336077][T23789]  __should_failslab+0x9f/0xe0
[ 1282.340820][T23789]  should_failslab+0x9/0x20
[ 1282.345298][T23789]  __kmalloc+0x60/0x360
[ 1282.349433][T23789]  ? blk_mq_init_tags+0x2d0/0x410
[ 1282.354435][T23789]  blk_mq_alloc_rq_map+0xa2/0x190
[ 1282.359436][T23789]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1282.365392][T23789]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1282.370570][T23789]  loop_add+0x241/0x760
[ 1282.374706][T23789]  loop_control_ioctl+0x564/0x740
[ 1282.379704][T23789]  ? loop_remove+0xb0/0xb0
[ 1282.384116][T23789]  ? __fget_files+0x310/0x370
[ 1282.388795][T23789]  ? security_file_ioctl+0xb1/0xd0
[ 1282.393896][T23789]  ? loop_remove+0xb0/0xb0
[ 1282.398293][T23789]  __se_sys_ioctl+0x115/0x190
[ 1282.402952][T23789]  __x64_sys_ioctl+0x7b/0x90
[ 1282.407522][T23789]  do_syscall_64+0x34/0x70
[ 1282.411917][T23789]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1282.417783][T23789] RIP: 0033:0x7f77b238e0d9
[ 1282.422178][T23789] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1282.441775][T23789] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1282.450193][T23789] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1282.458160][T23789] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1282.466128][T23789] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1282.474086][T23789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1282.482036][T23789] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1282.490459][T23789] blk-mq: reduced tag depth (128 -> 64)
14:32:12 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040))
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff})
ioctl$RTC_PIE_OFF(r0, 0x7006)

14:32:12 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x3, 0x1, 0x1}, 0x6, 0x1, 0x0, 0x0, "42969f379243d05c1262eaed793f435cca870eb1e28ead885fc00d9fbe437dcab1e36309844b6a0f32562d241c3f5080c2d80ffb2c8186667e44ad017771d839"}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x80)

14:32:12 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x11, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:14 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, &(0x7f0000000040)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x12, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x1f, 0x6, 0x1f, 0x8}, {0x6, 0xf9, 0x8, 0x505217d6}, {0x8, 0x7e, 0x9, 0x1000}]})

14:32:14 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 9)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x12, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:14 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040))
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff})
ioctl$RTC_PIE_OFF(r0, 0x7006)
syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0) (async)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040)) (async)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff}) (async)
ioctl$RTC_PIE_OFF(r0, 0x7006) (async)

14:32:14 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r1 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r1})

14:32:14 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x3, 0x1, 0x1}, 0x6, 0x1, 0x0, 0x0, "42969f379243d05c1262eaed793f435cca870eb1e28ead885fc00d9fbe437dcab1e36309844b6a0f32562d241c3f5080c2d80ffb2c8186667e44ad017771d839"}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x80)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x3, 0x1, 0x1}, 0x6, 0x1, 0x0, 0x0, "42969f379243d05c1262eaed793f435cca870eb1e28ead885fc00d9fbe437dcab1e36309844b6a0f32562d241c3f5080c2d80ffb2c8186667e44ad017771d839"}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x80) (async)

14:32:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x13, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x14, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1284.977236][   T23] kauditd_printk_skb: 7 callbacks suppressed
[ 1284.977249][   T23] audit: type=1326 audit(1669991534.429:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23799 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30e4d840d9 code=0x0
[ 1285.012726][T23808] FAULT_INJECTION: forcing a failure.
[ 1285.012726][T23808] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.022493][   T23] audit: type=1326 audit(1669991534.459:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23802 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1285.049153][T23808] CPU: 0 PID: 23808 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
14:32:14 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040))
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff})
ioctl$RTC_PIE_OFF(r0, 0x7006)
syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0) (async)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000040)) (async)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000000000)={0xffffffffffffffff}) (async)
ioctl$RTC_PIE_OFF(r0, 0x7006) (async)

[ 1285.049364][   T23] audit: type=1326 audit(1669991534.459:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23798 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1285.059468][T23808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1285.059473][T23808] Call Trace:
[ 1285.059489][T23808]  dump_stack_lvl+0x1e2/0x24b
[ 1285.059501][T23808]  ? panic+0x7d7/0x7d7
[ 1285.059510][T23808]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1285.059518][T23808]  dump_stack+0x15/0x17
[ 1285.059528][T23808]  should_fail+0x3c0/0x510
[ 1285.059540][T23808]  ? blk_mq_alloc_rq_map+0xe2/0x190
[ 1285.059550][T23808]  __should_failslab+0x9f/0xe0
[ 1285.059561][T23808]  should_failslab+0x9/0x20
[ 1285.059578][T23808]  __kmalloc+0x60/0x360
[ 1285.137425][T23808]  ? blk_mq_alloc_rq_map+0xa2/0x190
[ 1285.142687][T23808]  blk_mq_alloc_rq_map+0xe2/0x190
[ 1285.147797][T23808]  blk_mq_alloc_map_and_requests+0x12e/0x7d0
[ 1285.153759][T23808]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1285.158934][T23808]  loop_add+0x241/0x760
[ 1285.163068][T23808]  loop_control_ioctl+0x564/0x740
[ 1285.168070][T23808]  ? loop_remove+0xb0/0xb0
[ 1285.172549][T23808]  ? __fget_files+0x310/0x370
[ 1285.177203][T23808]  ? security_file_ioctl+0xb1/0xd0
[ 1285.182291][T23808]  ? loop_remove+0xb0/0xb0
[ 1285.186685][T23808]  __se_sys_ioctl+0x115/0x190
[ 1285.191339][T23808]  __x64_sys_ioctl+0x7b/0x90
[ 1285.195904][T23808]  do_syscall_64+0x34/0x70
[ 1285.200297][T23808]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1285.206166][T23808] RIP: 0033:0x7f77b238e0d9
[ 1285.210558][T23808] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1285.230144][T23808] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1285.238534][T23808] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1285.246488][T23808] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1285.254446][T23808] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1285.262404][T23808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1285.270355][T23808] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1285.279382][   T23] audit: type=1326 audit(1669991534.729:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23798 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1285.305272][T23808] blk-mq: reduced tag depth (128 -> 64)
14:32:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x15, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1285.312536][   T23] audit: type=1326 audit(1669991534.769:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23802 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:14 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 10)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x16, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1285.387334][T25449] udevd[25449]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1285.411898][T23830] FAULT_INJECTION: forcing a failure.
[ 1285.411898][T23830] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1285.426785][T23830] CPU: 1 PID: 23830 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1285.437121][T23830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1285.447171][T23830] Call Trace:
[ 1285.450462][T23830]  dump_stack_lvl+0x1e2/0x24b
[ 1285.455137][T23830]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1285.460593][T23830]  ? blk_mq_alloc_tag_set+0x662/0xd40
[ 1285.465959][T23830]  ? __x64_sys_ioctl+0x7b/0x90
[ 1285.470720][T23830]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1285.476787][T23830]  dump_stack+0x15/0x17
[ 1285.480937][T23830]  should_fail+0x3c0/0x510
[ 1285.485354][T23830]  should_fail_alloc_page+0x50/0x60
[ 1285.490546][T23830]  __alloc_pages_nodemask+0x1c0/0x890
[ 1285.495913][T23830]  ? __se_sys_ioctl+0x115/0x190
[ 1285.500759][T23830]  ? __x64_sys_ioctl+0x7b/0x90
[ 1285.505520][T23830]  ? do_syscall_64+0x34/0x70
[ 1285.510107][T23830]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1285.515652][T23830]  ? cpumask_next+0x23/0x30
[ 1285.520155][T23830]  ? blk_mq_hw_queue_to_node+0x101/0x120
[ 1285.525879][T23830]  blk_mq_alloc_rqs+0x323/0x910
[ 1285.530728][T23830]  ? __kasan_kmalloc+0x9/0x10
[ 1285.535407][T23830]  ? blk_mq_alloc_rq_map+0x190/0x190
[ 1285.540689][T23830]  ? blk_mq_alloc_rq_map+0x11b/0x190
[ 1285.545968][T23830]  blk_mq_alloc_map_and_requests+0x1cb/0x7d0
[ 1285.551928][T23830]  blk_mq_alloc_tag_set+0x662/0xd40
[ 1285.557108][T23830]  loop_add+0x241/0x760
[ 1285.561250][T23830]  loop_control_ioctl+0x564/0x740
[ 1285.566276][T23830]  ? loop_remove+0xb0/0xb0
[ 1285.570688][T23830]  ? __fget_files+0x310/0x370
[ 1285.575425][T23830]  ? security_file_ioctl+0xb1/0xd0
[ 1285.580521][T23830]  ? loop_remove+0xb0/0xb0
[ 1285.584923][T23830]  __se_sys_ioctl+0x115/0x190
[ 1285.589581][T23830]  __x64_sys_ioctl+0x7b/0x90
[ 1285.594149][T23830]  do_syscall_64+0x34/0x70
[ 1285.598544][T23830]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1285.604412][T23830] RIP: 0033:0x7f77b238e0d9
[ 1285.608805][T23830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1285.628384][T23830] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:15 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none}, 0x8)

14:32:15 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "9b0588435bbbd0e216e75376832b89b4e91b2ea2abd7b9e74b2d1cacacd7f25327ed23755152cd46fc74b01038d6ff5307b87c6b5853ae4247d3adf840f74945", 0x29}, 0x48, 0xfffffffffffffffa)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffff9, r1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x16}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000861)

[ 1285.636775][T23830] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1285.644726][T23830] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1285.652808][T23830] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1285.660769][T23830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1285.668731][T23830] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x17, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x18, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1285.704579][   T23] audit: type=1326 audit(1669991535.149:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23834 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1285.767888][   T23] audit: type=1326 audit(1669991535.199:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23834 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:15 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0})

14:32:15 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 11)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x19, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:15 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x3, 0x1, 0x1}, 0x6, 0x1, 0x0, 0x0, "42969f379243d05c1262eaed793f435cca870eb1e28ead885fc00d9fbe437dcab1e36309844b6a0f32562d241c3f5080c2d80ffb2c8186667e44ad017771d839"}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x80)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x3, 0x1, 0x1}, 0x6, 0x1, 0x0, 0x0, "42969f379243d05c1262eaed793f435cca870eb1e28ead885fc00d9fbe437dcab1e36309844b6a0f32562d241c3f5080c2d80ffb2c8186667e44ad017771d839"}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x80) (async)

[ 1285.796407][   T23] audit: type=1326 audit(1669991535.249:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23840 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1285.839489][T23846] FAULT_INJECTION: forcing a failure.
[ 1285.839489][T23846] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.862057][T23846] CPU: 0 PID: 23846 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1285.872395][T23846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1285.882433][T23846] Call Trace:
[ 1285.885706][T23846]  dump_stack_lvl+0x1e2/0x24b
[ 1285.890360][T23846]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1285.895798][T23846]  dump_stack+0x15/0x17
[ 1285.899933][T23846]  should_fail+0x3c0/0x510
[ 1285.904326][T23846]  __should_failslab+0x9f/0xe0
[ 1285.909067][T23846]  should_failslab+0x9/0x20
[ 1285.913544][T23846]  kmem_cache_alloc+0x3f/0x300
[ 1285.918283][T23846]  ? blk_alloc_queue+0x2a/0x640
[ 1285.923112][T23846]  blk_alloc_queue+0x2a/0x640
[ 1285.927766][T23846]  ? __mutex_init+0xa1/0xf0
[ 1285.932245][T23846]  ? blk_mq_alloc_tag_set+0xa57/0xd40
[ 1285.937593][T23846]  blk_mq_init_queue+0x35/0xc0
[ 1285.942351][T23846]  loop_add+0x270/0x760
[ 1285.946506][T23846]  loop_control_ioctl+0x564/0x740
[ 1285.951507][T23846]  ? loop_remove+0xb0/0xb0
[ 1285.955918][T23846]  ? __fget_files+0x310/0x370
[ 1285.960576][T23846]  ? security_file_ioctl+0xb1/0xd0
[ 1285.965673][T23846]  ? loop_remove+0xb0/0xb0
[ 1285.970068][T23846]  __se_sys_ioctl+0x115/0x190
[ 1285.974729][T23846]  __x64_sys_ioctl+0x7b/0x90
[ 1285.979296][T23846]  do_syscall_64+0x34/0x70
[ 1285.983785][T23846]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1285.989656][T23846] RIP: 0033:0x7f77b238e0d9
[ 1285.994051][T23846] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1286.013634][T23846] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1286.022028][T23846] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1286.029977][T23846] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1286.037926][T23846] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1286.045874][T23846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1286.053823][T23846] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:15 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 12)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:15 executing program 2:
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000000))
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000080))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000200)=[{0x413, 0x0, 0x1, 0x9}, {0x9, 0x8, 0x6, 0x6}, {0x9, 0x7, 0x9, 0xffff}, {0x9, 0x5, 0x9, 0xf7}, {0x3, 0x95, 0x4, 0x61}]})
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x3e}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4001)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, "985c2d001f34679330393affb51792cda8d669138952c3a5b5502d111b309833", 0xff, 0x9, 0x400, 0x3ff}, 0x3c)

14:32:15 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0})

14:32:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1a, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1286.076696][   T23] audit: type=1326 audit(1669991535.299:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23840 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1286.105254][T23855] FAULT_INJECTION: forcing a failure.
[ 1286.105254][T23855] name failslab, interval 1, probability 0, space 0, times 0
[ 1286.123616][   T23] audit: type=1326 audit(1669991535.529:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23844 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1286.134698][T23855] CPU: 1 PID: 23855 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1286.157380][T23855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1286.167432][T23855] Call Trace:
[ 1286.170724][T23855]  dump_stack_lvl+0x1e2/0x24b
[ 1286.175409][T23855]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1286.180869][T23855]  dump_stack+0x15/0x17
[ 1286.185019][T23855]  should_fail+0x3c0/0x510
[ 1286.189432][T23855]  ? mempool_init_node+0x12b/0x4b0
[ 1286.194535][T23855]  __should_failslab+0x9f/0xe0
[ 1286.199297][T23855]  should_failslab+0x9/0x20
[ 1286.203798][T23855]  __kmalloc+0x60/0x360
[ 1286.207948][T23855]  ? ida_alloc_range+0xab1/0xb10
[ 1286.212881][T23855]  mempool_init_node+0x12b/0x4b0
[ 1286.217810][T23855]  ? mempool_alloc_slab+0x30/0x30
[ 1286.222829][T23855]  ? mempool_free+0x310/0x310
[ 1286.227502][T23855]  ? mempool_free+0x310/0x310
[ 1286.232171][T23855]  ? mempool_alloc_slab+0x30/0x30
[ 1286.237190][T23855]  mempool_init+0x3c/0x50
[ 1286.241516][T23855]  bioset_init+0x48e/0x640
[ 1286.245926][T23855]  blk_alloc_queue+0xc6/0x640
[ 1286.250707][T23855]  ? __mutex_init+0xa1/0xf0
[ 1286.255204][T23855]  blk_mq_init_queue+0x35/0xc0
[ 1286.259981][T23855]  loop_add+0x270/0x760
[ 1286.264135][T23855]  loop_control_ioctl+0x564/0x740
[ 1286.269155][T23855]  ? loop_remove+0xb0/0xb0
[ 1286.273565][T23855]  ? __fget_files+0x310/0x370
[ 1286.278235][T23855]  ? security_file_ioctl+0xb1/0xd0
[ 1286.283339][T23855]  ? loop_remove+0xb0/0xb0
[ 1286.287744][T23855]  __se_sys_ioctl+0x115/0x190
[ 1286.292412][T23855]  __x64_sys_ioctl+0x7b/0x90
[ 1286.296993][T23855]  do_syscall_64+0x34/0x70
[ 1286.301402][T23855]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1286.307283][T23855] RIP: 0033:0x7f77b238e0d9
[ 1286.311686][T23855] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1286.331288][T23855] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:15 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none}, 0x8)

[ 1286.339709][T23855] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1286.347679][T23855] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1286.355647][T23855] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1286.363617][T23855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1286.371589][T23855] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:16 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) (async)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "9b0588435bbbd0e216e75376832b89b4e91b2ea2abd7b9e74b2d1cacacd7f25327ed23755152cd46fc74b01038d6ff5307b87c6b5853ae4247d3adf840f74945", 0x29}, 0x48, 0xfffffffffffffffa)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffff9, r1, 0x1) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x16}]}) (async, rerun: 64)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000861)

14:32:16 executing program 2:
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000000)) (async)
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000080)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000200)=[{0x413, 0x0, 0x1, 0x9}, {0x9, 0x8, 0x6, 0x6}, {0x9, 0x7, 0x9, 0xffff}, {0x9, 0x5, 0x9, 0xf7}, {0x3, 0x95, 0x4, 0x61}]}) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x3e}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4001)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, "985c2d001f34679330393affb51792cda8d669138952c3a5b5502d111b309833", 0xff, 0x9, 0x400, 0x3ff}, 0x3c)

14:32:16 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 13)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1b, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1c, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:16 executing program 2:
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000000))
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000080))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000200)=[{0x413, 0x0, 0x1, 0x9}, {0x9, 0x8, 0x6, 0x6}, {0x9, 0x7, 0x9, 0xffff}, {0x9, 0x5, 0x9, 0xf7}, {0x3, 0x95, 0x4, 0x61}]})
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x3e}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4001)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, "985c2d001f34679330393affb51792cda8d669138952c3a5b5502d111b309833", 0xff, 0x9, 0x400, 0x3ff}, 0x3c)
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000000)) (async)
ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f0000000080)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000040)={0x5, &(0x7f0000000200)=[{0x413, 0x0, 0x1, 0x9}, {0x9, 0x8, 0x6, 0x6}, {0x9, 0x7, 0x9, 0xffff}, {0x9, 0x5, 0x9, 0xf7}, {0x3, 0x95, 0x4, 0x61}]}) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x3e}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4001) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, "985c2d001f34679330393affb51792cda8d669138952c3a5b5502d111b309833", 0xff, 0x9, 0x400, 0x3ff}, 0x3c) (async)

[ 1286.560550][T23877] FAULT_INJECTION: forcing a failure.
[ 1286.560550][T23877] name failslab, interval 1, probability 0, space 0, times 0
[ 1286.573308][T23877] CPU: 0 PID: 23877 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1286.583630][T23877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1286.593683][T23877] Call Trace:
[ 1286.596975][T23877]  dump_stack_lvl+0x1e2/0x24b
[ 1286.601651][T23877]  ? panic+0x7d7/0x7d7
[ 1286.605717][T23877]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1286.611166][T23877]  dump_stack+0x15/0x17
[ 1286.615310][T23877]  should_fail+0x3c0/0x510
[ 1286.619717][T23877]  __should_failslab+0x9f/0xe0
[ 1286.624470][T23877]  should_failslab+0x9/0x20
[ 1286.628960][T23877]  kmem_cache_alloc+0x3f/0x300
[ 1286.633713][T23877]  ? mempool_alloc_slab+0x1d/0x30
[ 1286.638741][T23877]  mempool_alloc_slab+0x1d/0x30
[ 1286.643583][T23877]  ? mempool_free+0x310/0x310
[ 1286.648261][T23877]  mempool_init_node+0x1e6/0x4b0
[ 1286.653203][T23877]  ? mempool_free+0x310/0x310
[ 1286.657851][T23877]  ? mempool_alloc_slab+0x30/0x30
[ 1286.662848][T23877]  mempool_init+0x3c/0x50
[ 1286.667151][T23877]  bioset_init+0x48e/0x640
[ 1286.671541][T23877]  blk_alloc_queue+0xc6/0x640
[ 1286.676192][T23877]  ? __mutex_init+0xa1/0xf0
[ 1286.680667][T23877]  blk_mq_init_queue+0x35/0xc0
[ 1286.685497][T23877]  loop_add+0x270/0x760
[ 1286.689632][T23877]  loop_control_ioctl+0x564/0x740
[ 1286.694625][T23877]  ? loop_remove+0xb0/0xb0
[ 1286.699020][T23877]  ? __fget_files+0x310/0x370
[ 1286.703673][T23877]  ? security_file_ioctl+0xb1/0xd0
[ 1286.708755][T23877]  ? loop_remove+0xb0/0xb0
[ 1286.713143][T23877]  __se_sys_ioctl+0x115/0x190
[ 1286.717942][T23877]  __x64_sys_ioctl+0x7b/0x90
[ 1286.722509][T23877]  do_syscall_64+0x34/0x70
[ 1286.726900][T23877]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1286.732765][T23877] RIP: 0033:0x7f77b238e0d9
[ 1286.737156][T23877] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
14:32:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1d, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:16 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 14)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:16 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="ad4f621eab14239d3c13eade1dc7704e69116d448e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket(0x9, 0x6, 0x1f)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r7, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r8, @ANYBLOB="060001000a000000b570eb517473810acaad3dd077a2cc4a269ce704fc56ec080beb86c9362997915854746eff9e7d8c9f8c65e32b9baaf87014b365f92d9f28a03782acf56da21257ff1dd9a7469b6a0fd067337ecf6fe5a59641e92a108f15951ccf1aa52c160efb43789a663470f1f53e29e229945744d0920ee7f1"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000540)={'erspan0\x00', <r9=>0x0, 0x8000, 0x8000, 0x8, 0x400, {{0xf, 0x4, 0x3, 0x5, 0x3c, 0x67, 0x0, 0x3f, 0x2f, 0x0, @multicast1, @loopback, {[@end, @generic={0x174f937a3d752746, 0x12, "60230d8dde0bf823aa113d4da03d5d92"}, @ssrr={0x89, 0xf, 0x78, [@remote, @multicast1, @local]}, @ra={0x94, 0x4}]}}}}})
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r1, &(0x7f0000000740)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000008c0)={0x118, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x40}, 0x8080)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x4, 0xa7, 0x1, @vifc_lcl_ifindex, @empty}, 0x10)
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x48, r12, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x34}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x400}, 0x95)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r11, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20000800)

[ 1286.756821][T23877] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1286.765212][T23877] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1286.773168][T23877] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1286.781113][T23877] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1286.789060][T23877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1286.797018][T23877] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1286.834654][T23896] FAULT_INJECTION: forcing a failure.
[ 1286.834654][T23896] name failslab, interval 1, probability 0, space 0, times 0
[ 1286.848181][T23896] CPU: 0 PID: 23896 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1286.858528][T23896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1286.868568][T23896] Call Trace:
[ 1286.871853][T23896]  dump_stack_lvl+0x1e2/0x24b
[ 1286.876517][T23896]  ? panic+0x7d7/0x7d7
[ 1286.880559][T23896]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1286.885993][T23896]  dump_stack+0x15/0x17
[ 1286.890121][T23896]  should_fail+0x3c0/0x510
[ 1286.894509][T23896]  __should_failslab+0x9f/0xe0
[ 1286.899247][T23896]  should_failslab+0x9/0x20
[ 1286.903775][T23896]  kmem_cache_alloc+0x3f/0x300
[ 1286.908512][T23896]  ? mempool_alloc_slab+0x1d/0x30
[ 1286.913507][T23896]  ? ____kasan_slab_free+0x10a/0x160
[ 1286.918778][T23896]  mempool_alloc_slab+0x1d/0x30
[ 1286.923611][T23896]  ? mempool_free+0x310/0x310
[ 1286.928257][T23896]  mempool_init_node+0x1e6/0x4b0
14:32:16 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0})

[ 1286.933188][T23896]  ? mempool_free+0x310/0x310
[ 1286.937843][T23896]  ? mempool_alloc_slab+0x30/0x30
[ 1286.942845][T23896]  mempool_init+0x3c/0x50
[ 1286.947152][T23896]  bioset_init+0x48e/0x640
[ 1286.951541][T23896]  blk_alloc_queue+0xc6/0x640
[ 1286.956201][T23896]  ? __mutex_init+0xa1/0xf0
[ 1286.960704][T23896]  blk_mq_init_queue+0x35/0xc0
[ 1286.965465][T23896]  loop_add+0x270/0x760
[ 1286.969653][T23896]  loop_control_ioctl+0x564/0x740
[ 1286.974666][T23896]  ? loop_remove+0xb0/0xb0
[ 1286.979067][T23896]  ? __fget_files+0x310/0x370
[ 1286.983723][T23896]  ? security_file_ioctl+0xb1/0xd0
[ 1286.988814][T23896]  ? loop_remove+0xb0/0xb0
[ 1286.993207][T23896]  __se_sys_ioctl+0x115/0x190
[ 1286.997861][T23896]  __x64_sys_ioctl+0x7b/0x90
[ 1287.002443][T23896]  do_syscall_64+0x34/0x70
[ 1287.006850][T23896]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1287.012738][T23896] RIP: 0033:0x7f77b238e0d9
14:32:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1e, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1287.017140][T23896] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1287.036722][T23896] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1287.045119][T23896] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1287.053069][T23896] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1287.061020][T23896] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1287.068969][T23896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1287.076919][T23896] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:18 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none}, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none}, 0x8) (async)

14:32:19 executing program 5:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "9b0588435bbbd0e216e75376832b89b4e91b2ea2abd7b9e74b2d1cacacd7f25327ed23755152cd46fc74b01038d6ff5307b87c6b5853ae4247d3adf840f74945", 0x29}, 0x48, 0xfffffffffffffffa)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffff9, r1, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x16}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000861)
add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) (async)
add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc3}, &(0x7f0000000180)={0x0, "9b0588435bbbd0e216e75376832b89b4e91b2ea2abd7b9e74b2d1cacacd7f25327ed23755152cd46fc74b01038d6ff5307b87c6b5853ae4247d3adf840f74945", 0x29}, 0x48, 0xfffffffffffffffa) (async)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffff9, r1, 0x1) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x16}]}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000861) (async)

14:32:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x21, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:19 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 15)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:19 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)

14:32:19 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="ad4f621eab14239d3c13eade1dc7704e69116d448e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 64)
r1 = socket(0x9, 0x6, 0x1f) (async, rerun: 64)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) (async)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r7, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r8, @ANYBLOB="060001000a000000b570eb517473810acaad3dd077a2cc4a269ce704fc56ec080beb86c9362997915854746eff9e7d8c9f8c65e32b9baaf87014b365f92d9f28a03782acf56da21257ff1dd9a7469b6a0fd067337ecf6fe5a59641e92a108f15951ccf1aa52c160efb43789a663470f1f53e29e229945744d0920ee7f1"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000540)={'erspan0\x00', <r9=>0x0, 0x8000, 0x8000, 0x8, 0x400, {{0xf, 0x4, 0x3, 0x5, 0x3c, 0x67, 0x0, 0x3f, 0x2f, 0x0, @multicast1, @loopback, {[@end, @generic={0x174f937a3d752746, 0x12, "60230d8dde0bf823aa113d4da03d5d92"}, @ssrr={0x89, 0xf, 0x78, [@remote, @multicast1, @local]}, @ra={0x94, 0x4}]}}}}}) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r1, &(0x7f0000000740)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000008c0)={0x118, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x40}, 0x8080)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x4, 0xa7, 0x1, @vifc_lcl_ifindex, @empty}, 0x10) (async)
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x48, r12, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x34}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x400}, 0x95) (async, rerun: 32)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r11, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20000800) (rerun: 32)

14:32:19 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x4, &(0x7f0000000040)=[{0x7, 0x1, 0x2, 0x2}, {0x1, 0x53, 0x80, 0x7fff}, {0x7ff, 0xf0, 0x9, 0x2}, {0x4, 0x8, 0x7c}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x7fff, 0x7, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, r1, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20040040)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xac, r2, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x41}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7ffffffc}}]}, 0xac}, 0x1, 0x0, 0x0, 0x24000040}, 0x8b388f0db8bcfb66)

[ 1289.834447][T23912] FAULT_INJECTION: forcing a failure.
[ 1289.834447][T23912] name failslab, interval 1, probability 0, space 0, times 0
[ 1289.851709][T23912] CPU: 1 PID: 23912 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1289.862048][T23912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1289.872086][T23912] Call Trace:
[ 1289.875360][T23912]  dump_stack_lvl+0x1e2/0x24b
[ 1289.880018][T23912]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1289.885453][T23912]  dump_stack+0x15/0x17
[ 1289.889585][T23912]  should_fail+0x3c0/0x510
[ 1289.893978][T23912]  ? mempool_init_node+0x12b/0x4b0
[ 1289.899061][T23912]  __should_failslab+0x9f/0xe0
[ 1289.903809][T23912]  should_failslab+0x9/0x20
[ 1289.908287][T23912]  __kmalloc+0x60/0x360
[ 1289.912418][T23912]  ? ____kasan_slab_free+0x10a/0x160
[ 1289.917680][T23912]  mempool_init_node+0x12b/0x4b0
[ 1289.922593][T23912]  ? mempool_alloc_slab+0x30/0x30
[ 1289.927591][T23912]  ? mempool_free+0x310/0x310
[ 1289.932243][T23912]  ? mempool_free+0x310/0x310
[ 1289.936982][T23912]  ? mempool_alloc_slab+0x30/0x30
[ 1289.941984][T23912]  mempool_init+0x3c/0x50
[ 1289.946288][T23912]  bioset_init+0x503/0x640
[ 1289.950680][T23912]  blk_alloc_queue+0xc6/0x640
[ 1289.955334][T23912]  ? __mutex_init+0xa1/0xf0
[ 1289.959816][T23912]  blk_mq_init_queue+0x35/0xc0
[ 1289.964559][T23912]  loop_add+0x270/0x760
[ 1289.968691][T23912]  loop_control_ioctl+0x564/0x740
[ 1289.973691][T23912]  ? loop_remove+0xb0/0xb0
[ 1289.978086][T23912]  ? __fget_files+0x310/0x370
[ 1289.982740][T23912]  ? security_file_ioctl+0xb1/0xd0
[ 1289.987828][T23912]  ? loop_remove+0xb0/0xb0
[ 1289.992223][T23912]  __se_sys_ioctl+0x115/0x190
[ 1289.996876][T23912]  __x64_sys_ioctl+0x7b/0x90
[ 1290.001440][T23912]  do_syscall_64+0x34/0x70
[ 1290.005831][T23912]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1290.011705][T23912] RIP: 0033:0x7f77b238e0d9
[ 1290.016099][T23912] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1290.035679][T23912] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1290.044070][T23912] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1290.052016][T23912] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1290.059961][T23912] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1290.067909][T23912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1290.075858][T23912] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x22, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x23, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:19 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x4, &(0x7f0000000040)=[{0x7, 0x1, 0x2, 0x2}, {0x1, 0x53, 0x80, 0x7fff}, {0x7ff, 0xf0, 0x9, 0x2}, {0x4, 0x8, 0x7c}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x7fff, 0x7, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, r1, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20040040)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xac, r2, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x41}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7ffffffc}}]}, 0xac}, 0x1, 0x0, 0x0, 0x24000040}, 0x8b388f0db8bcfb66)

14:32:19 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 16)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1290.087247][   T23] kauditd_printk_skb: 14 callbacks suppressed
[ 1290.087259][   T23] audit: type=1326 audit(1669991539.539:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23919 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1290.129395][T23927] FAULT_INJECTION: forcing a failure.
14:32:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x300, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:19 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="ad4f621eab14239d3c13eade1dc7704e69116d448e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r1 = socket(0x9, 0x6, 0x1f) (async)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) (async)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r7, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r8, @ANYBLOB="060001000a000000b570eb517473810acaad3dd077a2cc4a269ce704fc56ec080beb86c9362997915854746eff9e7d8c9f8c65e32b9baaf87014b365f92d9f28a03782acf56da21257ff1dd9a7469b6a0fd067337ecf6fe5a59641e92a108f15951ccf1aa52c160efb43789a663470f1f53e29e229945744d0920ee7f1"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000540)={'erspan0\x00', <r9=>0x0, 0x8000, 0x8000, 0x8, 0x400, {{0xf, 0x4, 0x3, 0x5, 0x3c, 0x67, 0x0, 0x3f, 0x2f, 0x0, @multicast1, @loopback, {[@end, @generic={0x174f937a3d752746, 0x12, "60230d8dde0bf823aa113d4da03d5d92"}, @ssrr={0x89, 0xf, 0x78, [@remote, @multicast1, @local]}, @ra={0x94, 0x4}]}}}}}) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r1, &(0x7f0000000740)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f00000008c0)={0x118, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x40}, 0x8080) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x4, 0xa7, 0x1, @vifc_lcl_ifindex, @empty}, 0x10) (async)
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x48, r12, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x34}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x400}, 0x95)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r11, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20000800)

[ 1290.129395][T23927] name failslab, interval 1, probability 0, space 0, times 0
[ 1290.142159][   T23] audit: type=1326 audit(1669991539.579:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23919 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1290.145148][T23927] CPU: 1 PID: 23927 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1290.175983][T23927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1290.186025][T23927] Call Trace:
[ 1290.189300][T23927]  dump_stack_lvl+0x1e2/0x24b
[ 1290.194039][T23927]  ? panic+0x7d7/0x7d7
[ 1290.198082][T23927]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1290.203510][T23927]  dump_stack+0x15/0x17
[ 1290.207638][T23927]  should_fail+0x3c0/0x510
[ 1290.212024][T23927]  __should_failslab+0x9f/0xe0
[ 1290.216757][T23927]  should_failslab+0x9/0x20
[ 1290.221227][T23927]  kmem_cache_alloc+0x3f/0x300
[ 1290.225959][T23927]  ? mempool_alloc_slab+0x1d/0x30
[ 1290.230960][T23927]  mempool_alloc_slab+0x1d/0x30
[ 1290.235796][T23927]  ? mempool_free+0x310/0x310
[ 1290.240458][T23927]  mempool_init_node+0x1e6/0x4b0
[ 1290.245370][T23927]  ? mempool_free+0x310/0x310
[ 1290.250019][T23927]  ? mempool_alloc_slab+0x30/0x30
[ 1290.255021][T23927]  mempool_init+0x3c/0x50
[ 1290.259324][T23927]  bioset_init+0x503/0x640
[ 1290.263712][T23927]  blk_alloc_queue+0xc6/0x640
[ 1290.268367][T23927]  ? __mutex_init+0xa1/0xf0
[ 1290.272841][T23927]  blk_mq_init_queue+0x35/0xc0
[ 1290.277575][T23927]  loop_add+0x270/0x760
[ 1290.281700][T23927]  loop_control_ioctl+0x564/0x740
[ 1290.286692][T23927]  ? loop_remove+0xb0/0xb0
[ 1290.291075][T23927]  ? __fget_files+0x310/0x370
[ 1290.295730][T23927]  ? security_file_ioctl+0xb1/0xd0
[ 1290.300817][T23927]  ? loop_remove+0xb0/0xb0
[ 1290.305202][T23927]  __se_sys_ioctl+0x115/0x190
[ 1290.309848][T23927]  __x64_sys_ioctl+0x7b/0x90
[ 1290.314406][T23927]  do_syscall_64+0x34/0x70
[ 1290.318793][T23927]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1290.324657][T23927] RIP: 0033:0x7f77b238e0d9
[ 1290.329044][T23927] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1290.348620][T23927] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1290.357013][T23927] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1290.364959][T23927] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1290.372901][T23927] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1290.380848][T23927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1290.388792][T23927] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1290.409119][   T23] audit: type=1326 audit(1669991539.859:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23943 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:22 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040))

14:32:22 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x4, &(0x7f0000000040)=[{0x7, 0x1, 0x2, 0x2}, {0x1, 0x53, 0x80, 0x7fff}, {0x7ff, 0xf0, 0x9, 0x2}, {0x4, 0x8, 0x7c}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x7fff, 0x7, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, r1, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x840}, 0x20040040) (async)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xac, r2, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x41}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7ffffffc}}]}, 0xac}, 0x1, 0x0, 0x0, 0x24000040}, 0x8b388f0db8bcfb66)

14:32:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x500, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:22 executing program 2:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000180))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16, 0x0, 0x0, 0xfffffffc}]})

14:32:22 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 17)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:22 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r0})

14:32:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x600, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="501a0000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fcdbdf25040000000800030006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x36c6ce591c35073b)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1292.863745][T23960] FAULT_INJECTION: forcing a failure.
[ 1292.863745][T23960] name failslab, interval 1, probability 0, space 0, times 0
[ 1292.876652][   T23] audit: type=1326 audit(1669991542.329:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23956 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1292.879834][T23960] CPU: 0 PID: 23960 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1292.910469][T23960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1292.920502][T23960] Call Trace:
[ 1292.923772][T23960]  dump_stack_lvl+0x1e2/0x24b
[ 1292.928427][T23960]  ? panic+0x7d7/0x7d7
[ 1292.932469][T23960]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1292.937906][T23960]  dump_stack+0x15/0x17
[ 1292.942039][T23960]  should_fail+0x3c0/0x510
[ 1292.946432][T23960]  __should_failslab+0x9f/0xe0
[ 1292.951171][T23960]  should_failslab+0x9/0x20
[ 1292.955736][T23960]  kmem_cache_alloc+0x3f/0x300
[ 1292.960476][T23960]  ? mempool_alloc_slab+0x1d/0x30
[ 1292.965476][T23960]  ? ____kasan_slab_free+0x10a/0x160
[ 1292.970826][T23960]  mempool_alloc_slab+0x1d/0x30
[ 1292.975653][T23960]  ? mempool_free+0x310/0x310
[ 1292.980309][T23960]  mempool_init_node+0x1e6/0x4b0
[ 1292.985222][T23960]  ? mempool_free+0x310/0x310
[ 1292.989875][T23960]  ? mempool_alloc_slab+0x30/0x30
[ 1292.994872][T23960]  mempool_init+0x3c/0x50
[ 1292.999178][T23960]  bioset_init+0x503/0x640
[ 1293.003577][T23960]  blk_alloc_queue+0xc6/0x640
[ 1293.008230][T23960]  ? __mutex_init+0xa1/0xf0
[ 1293.012709][T23960]  blk_mq_init_queue+0x35/0xc0
[ 1293.017447][T23960]  loop_add+0x270/0x760
[ 1293.021581][T23960]  loop_control_ioctl+0x564/0x740
[ 1293.026584][T23960]  ? loop_remove+0xb0/0xb0
[ 1293.030978][T23960]  ? __fget_files+0x310/0x370
[ 1293.035629][T23960]  ? security_file_ioctl+0xb1/0xd0
[ 1293.040715][T23960]  ? loop_remove+0xb0/0xb0
[ 1293.045106][T23960]  __se_sys_ioctl+0x115/0x190
[ 1293.049844][T23960]  __x64_sys_ioctl+0x7b/0x90
[ 1293.054412][T23960]  do_syscall_64+0x34/0x70
[ 1293.058805][T23960]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1293.064675][T23960] RIP: 0033:0x7f77b238e0d9
[ 1293.069071][T23960] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1293.088737][T23960] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1293.097126][T23960] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1293.105076][T23960] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
14:32:22 executing program 2:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000180))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16, 0x0, 0x0, 0xfffffffc}]})

14:32:22 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)) (async)

[ 1293.113024][T23960] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.120972][T23960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1293.128938][T23960] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1293.139917][   T23] audit: type=1326 audit(1669991542.329:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23961 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30e4d840d9 code=0x0
14:32:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x700, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:22 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040))

14:32:22 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 18)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:22 executing program 2:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000180)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16, 0x0, 0x0, 0xfffffffc}]})

14:32:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x900, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:22 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_AIE_OFF(r0, 0x7002)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1293.187105][   T23] audit: type=1326 audit(1669991542.629:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23965 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1293.211398][   T23] audit: type=1326 audit(1669991542.669:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23970 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1293.257078][   T23] audit: type=1326 audit(1669991542.669:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23965 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f0223a68f8b code=0x0
[ 1293.257133][T23980] FAULT_INJECTION: forcing a failure.
[ 1293.257133][T23980] name failslab, interval 1, probability 0, space 0, times 0
14:32:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xa00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1293.296909][   T23] audit: type=1326 audit(1669991542.749:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23982 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1293.322058][   T23] audit: type=1326 audit(1669991542.769:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23985 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1293.336827][T23980] CPU: 0 PID: 23980 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1293.355968][T23980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1293.366007][T23980] Call Trace:
[ 1293.369277][T23980]  dump_stack_lvl+0x1e2/0x24b
[ 1293.373929][T23980]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1293.379362][T23980]  ? kmem_cache_alloc+0x1a4/0x300
[ 1293.384360][T23980]  ? ____kasan_slab_free+0x10a/0x160
[ 1293.389620][T23980]  dump_stack+0x15/0x17
[ 1293.393750][T23980]  should_fail+0x3c0/0x510
[ 1293.398142][T23980]  ? bdi_alloc+0x4e/0x110
[ 1293.402445][T23980]  __should_failslab+0x9f/0xe0
[ 1293.407182][T23980]  should_failslab+0x9/0x20
[ 1293.411659][T23980]  kmem_cache_alloc_trace+0x3a/0x330
[ 1293.416920][T23980]  ? bioset_init+0x54a/0x640
[ 1293.421482][T23980]  bdi_alloc+0x4e/0x110
[ 1293.425614][T23980]  blk_alloc_queue+0x111/0x640
[ 1293.430351][T23980]  ? __mutex_init+0xa1/0xf0
[ 1293.434831][T23980]  blk_mq_init_queue+0x35/0xc0
[ 1293.439580][T23980]  loop_add+0x270/0x760
[ 1293.443712][T23980]  loop_control_ioctl+0x564/0x740
[ 1293.448709][T23980]  ? loop_remove+0xb0/0xb0
[ 1293.453102][T23980]  ? __fget_files+0x310/0x370
[ 1293.457758][T23980]  ? security_file_ioctl+0xb1/0xd0
[ 1293.462845][T23980]  ? loop_remove+0xb0/0xb0
[ 1293.467241][T23980]  __se_sys_ioctl+0x115/0x190
[ 1293.471892][T23980]  __x64_sys_ioctl+0x7b/0x90
[ 1293.476457][T23980]  do_syscall_64+0x34/0x70
[ 1293.480848][T23980]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1293.486712][T23980] RIP: 0033:0x7f77b238e0d9
[ 1293.491103][T23980] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1293.510690][T23980] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1293.519097][T23980] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1293.527052][T23980] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1293.535002][T23980] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.542954][T23980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1293.550906][T23980] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:23 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r1 = syz_open_dev$vcsu(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000000c0)={0x0, 0x6, r1})

14:32:23 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r1, 0x80000001, 0x80000})

14:32:23 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="501a0000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fcdbdf25040000000800030006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x36c6ce591c35073b)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="501a0000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fcdbdf25040000000800030006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x36c6ce591c35073b) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)

14:32:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xb00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:23 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 19)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xc00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1293.833177][T24001] FAULT_INJECTION: forcing a failure.
[ 1293.833177][T24001] name failslab, interval 1, probability 0, space 0, times 0
[ 1293.867550][T24001] CPU: 1 PID: 24001 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1293.877978][T24001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1293.888036][T24001] Call Trace:
[ 1293.891332][T24001]  dump_stack_lvl+0x1e2/0x24b
[ 1293.896016][T24001]  ? panic+0x7d7/0x7d7
[ 1293.900091][T24001]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1293.905549][T24001]  dump_stack+0x15/0x17
[ 1293.909711][T24001]  should_fail+0x3c0/0x510
[ 1293.914125][T24001]  ? blk_alloc_queue_stats+0x4c/0x100
[ 1293.919495][T24001]  __should_failslab+0x9f/0xe0
[ 1293.924264][T24001]  should_failslab+0x9/0x20
[ 1293.928770][T24001]  kmem_cache_alloc_trace+0x3a/0x330
[ 1293.934042][T24001]  ? bdi_init+0x239/0x370
[ 1293.938363][T24001]  blk_alloc_queue_stats+0x4c/0x100
[ 1293.943540][T24001]  blk_alloc_queue+0x151/0x640
[ 1293.948281][T24001]  ? __mutex_init+0xa1/0xf0
[ 1293.952761][T24001]  blk_mq_init_queue+0x35/0xc0
[ 1293.957503][T24001]  loop_add+0x270/0x760
[ 1293.961639][T24001]  loop_control_ioctl+0x564/0x740
[ 1293.966726][T24001]  ? loop_remove+0xb0/0xb0
[ 1293.971125][T24001]  ? __fget_files+0x310/0x370
[ 1293.975787][T24001]  ? security_file_ioctl+0xb1/0xd0
[ 1293.980883][T24001]  ? loop_remove+0xb0/0xb0
[ 1293.985273][T24001]  __se_sys_ioctl+0x115/0x190
[ 1293.989932][T24001]  __x64_sys_ioctl+0x7b/0x90
[ 1293.994498][T24001]  do_syscall_64+0x34/0x70
[ 1293.998890][T24001]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1294.004759][T24001] RIP: 0033:0x7f77b238e0d9
[ 1294.009159][T24001] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
14:32:23 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_AIE_OFF(r0, 0x7002)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:23 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 20)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xd00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1294.028741][T24001] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1294.037131][T24001] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1294.045077][T24001] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1294.053024][T24001] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1294.060972][T24001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1294.068924][T24001] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xe00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1294.116778][T24008] FAULT_INJECTION: forcing a failure.
[ 1294.116778][T24008] name failslab, interval 1, probability 0, space 0, times 0
[ 1294.137327][T24008] CPU: 0 PID: 24008 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1294.147669][T24008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1294.157718][T24008] Call Trace:
[ 1294.161004][T24008]  dump_stack_lvl+0x1e2/0x24b
[ 1294.165677][T24008]  ? panic+0x7d7/0x7d7
[ 1294.169736][T24008]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1294.175272][T24008]  ? find_next_bit+0xd6/0x120
[ 1294.179940][T24008]  ? cpumask_next+0x11/0x30
[ 1294.184431][T24008]  dump_stack+0x15/0x17
[ 1294.188577][T24008]  should_fail+0x3c0/0x510
[ 1294.192978][T24008]  ? percpu_ref_init+0xd0/0x340
[ 1294.197886][T24008]  __should_failslab+0x9f/0xe0
[ 1294.202638][T24008]  should_failslab+0x9/0x20
[ 1294.207124][T24008]  kmem_cache_alloc_trace+0x3a/0x330
[ 1294.212379][T24008]  percpu_ref_init+0xd0/0x340
[ 1294.217032][T24008]  ? blk_timeout_work+0x10/0x10
[ 1294.221855][T24008]  ? __kasan_check_write+0x14/0x20
[ 1294.226937][T24008]  blk_alloc_queue+0x440/0x640
[ 1294.231672][T24008]  blk_mq_init_queue+0x35/0xc0
[ 1294.236409][T24008]  loop_add+0x270/0x760
[ 1294.240536][T24008]  loop_control_ioctl+0x564/0x740
[ 1294.245617][T24008]  ? loop_remove+0xb0/0xb0
[ 1294.250006][T24008]  ? __fget_files+0x310/0x370
[ 1294.254655][T24008]  ? security_file_ioctl+0xb1/0xd0
[ 1294.259744][T24008]  ? loop_remove+0xb0/0xb0
[ 1294.264130][T24008]  __se_sys_ioctl+0x115/0x190
[ 1294.268778][T24008]  __x64_sys_ioctl+0x7b/0x90
[ 1294.273336][T24008]  do_syscall_64+0x34/0x70
[ 1294.277728][T24008]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1294.283594][T24008] RIP: 0033:0x7f77b238e0d9
[ 1294.287996][T24008] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1294.307587][T24008] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xf00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:23 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 21)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1294.315981][T24008] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1294.323930][T24008] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1294.331968][T24008] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1294.339912][T24008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1294.347868][T24008] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1294.379574][T24021] FAULT_INJECTION: forcing a failure.
[ 1294.379574][T24021] name failslab, interval 1, probability 0, space 0, times 0
[ 1294.392260][T24021] CPU: 0 PID: 24021 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1294.402556][T24021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1294.412589][T24021] Call Trace:
[ 1294.415856][T24021]  dump_stack_lvl+0x1e2/0x24b
[ 1294.420523][T24021]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1294.425983][T24021]  dump_stack+0x15/0x17
[ 1294.430132][T24021]  should_fail+0x3c0/0x510
[ 1294.434542][T24021]  ? blkg_alloc+0x87/0x5a0
[ 1294.438950][T24021]  __should_failslab+0x9f/0xe0
[ 1294.443705][T24021]  should_failslab+0x9/0x20
[ 1294.448201][T24021]  kmem_cache_alloc_trace+0x3a/0x330
[ 1294.453480][T24021]  ? __kasan_kmalloc+0x9/0x10
[ 1294.458147][T24021]  blkg_alloc+0x87/0x5a0
[ 1294.462390][T24021]  blkcg_init_queue+0x27/0x1d0
[ 1294.467155][T24021]  blk_alloc_queue+0x49b/0x640
[ 1294.471921][T24021]  blk_mq_init_queue+0x35/0xc0
[ 1294.476695][T24021]  loop_add+0x270/0x760
[ 1294.480884][T24021]  loop_control_ioctl+0x564/0x740
[ 1294.485916][T24021]  ? loop_remove+0xb0/0xb0
[ 1294.490341][T24021]  ? __fget_files+0x310/0x370
[ 1294.495013][T24021]  ? security_file_ioctl+0xb1/0xd0
[ 1294.500120][T24021]  ? loop_remove+0xb0/0xb0
[ 1294.504538][T24021]  __se_sys_ioctl+0x115/0x190
[ 1294.509217][T24021]  __x64_sys_ioctl+0x7b/0x90
[ 1294.513805][T24021]  do_syscall_64+0x34/0x70
[ 1294.518219][T24021]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1294.524104][T24021] RIP: 0033:0x7f77b238e0d9
[ 1294.528529][T24021] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1294.548131][T24021] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1294.556549][T24021] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1294.564524][T24021] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1294.572495][T24021] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
14:32:24 executing program 0:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:24 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1100, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1294.580465][T24021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1294.588443][T24021] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="501a0000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fcdbdf25040000000800030006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x36c6ce591c35073b) (async, rerun: 64)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (rerun: 64)

14:32:24 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r1, 0x80000001, 0x80000})

14:32:24 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 22)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:24 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1200, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1294.671981][T24035] FAULT_INJECTION: forcing a failure.
[ 1294.671981][T24035] name failslab, interval 1, probability 0, space 0, times 0
[ 1294.685288][T24035] CPU: 1 PID: 24035 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1294.695609][T24035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1294.705643][T24035] Call Trace:
[ 1294.708914][T24035]  dump_stack_lvl+0x1e2/0x24b
[ 1294.713562][T24035]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1294.719122][T24035]  ? find_next_bit+0xd6/0x120
[ 1294.723870][T24035]  dump_stack+0x15/0x17
[ 1294.728004][T24035]  should_fail+0x3c0/0x510
[ 1294.732394][T24035]  ? percpu_ref_init+0xd0/0x340
[ 1294.737215][T24035]  __should_failslab+0x9f/0xe0
[ 1294.741953][T24035]  should_failslab+0x9/0x20
[ 1294.746423][T24035]  kmem_cache_alloc_trace+0x3a/0x330
[ 1294.751680][T24035]  percpu_ref_init+0xd0/0x340
[ 1294.756327][T24035]  ? blk_cgroup_bio_start+0x310/0x310
[ 1294.761673][T24035]  blkg_alloc+0xa4/0x5a0
[ 1294.765890][T24035]  blkcg_init_queue+0x27/0x1d0
[ 1294.770628][T24035]  blk_alloc_queue+0x49b/0x640
[ 1294.775362][T24035]  blk_mq_init_queue+0x35/0xc0
[ 1294.780098][T24035]  loop_add+0x270/0x760
[ 1294.784226][T24035]  loop_control_ioctl+0x564/0x740
[ 1294.789223][T24035]  ? loop_remove+0xb0/0xb0
[ 1294.793631][T24035]  ? __fget_files+0x310/0x370
[ 1294.798372][T24035]  ? security_file_ioctl+0xb1/0xd0
[ 1294.803455][T24035]  ? loop_remove+0xb0/0xb0
[ 1294.807845][T24035]  __se_sys_ioctl+0x115/0x190
[ 1294.812493][T24035]  __x64_sys_ioctl+0x7b/0x90
[ 1294.817066][T24035]  do_syscall_64+0x34/0x70
[ 1294.821461][T24035]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1294.827327][T24035] RIP: 0033:0x7f77b238e0d9
[ 1294.831720][T24035] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1294.851298][T24035] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1294.859687][T24035] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1294.867630][T24035] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1294.875576][T24035] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1294.883543][T24035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1294.891493][T24035] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:26 executing program 5:
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_AIE_OFF(r0, 0x7002)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:26 executing program 0:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:26 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1300, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:26 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 23)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:26 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r1, 0x80000001, 0x80000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000040)={0x0, 0x2, r1, 0x80000001, 0x80000}) (async)

14:32:26 executing program 0:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:26 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1400, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1297.388505][   T23] kauditd_printk_skb: 10 callbacks suppressed
[ 1297.388518][   T23] audit: type=1326 audit(1669991546.839:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24041 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1297.388888][T24047] FAULT_INJECTION: forcing a failure.
[ 1297.388888][T24047] name failslab, interval 1, probability 0, space 0, times 0
14:32:26 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1297.432011][   T23] audit: type=1326 audit(1669991546.889:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1297.432055][T24047] CPU: 1 PID: 24047 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1297.465746][T24047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1297.475903][T24047] Call Trace:
[ 1297.479189][T24047]  dump_stack_lvl+0x1e2/0x24b
[ 1297.483841][T24047]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1297.489275][T24047]  ? pcpu_memcg_post_alloc_hook+0x1c8/0x340
[ 1297.495144][T24047]  ? trace_raw_output_percpu_destroy_chunk+0xc0/0xc0
[ 1297.501794][T24047]  dump_stack+0x15/0x17
[ 1297.505932][T24047]  should_fail+0x3c0/0x510
[ 1297.510320][T24047]  ? blk_stat_alloc_callback+0x60/0x210
[ 1297.515837][T24047]  __should_failslab+0x9f/0xe0
[ 1297.520570][T24047]  should_failslab+0x9/0x20
[ 1297.525102][T24047]  kmem_cache_alloc_trace+0x3a/0x330
[ 1297.530363][T24047]  ? blk_mq_poll_stats_fn+0x130/0x130
[ 1297.535707][T24047]  blk_stat_alloc_callback+0x60/0x210
[ 1297.541055][T24047]  ? blk_mq_free_tag_set+0x690/0x690
[ 1297.546319][T24047]  blk_mq_init_allocated_queue+0x8f/0x1a30
[ 1297.552098][T24047]  ? blk_set_default_limits+0x17b/0x410
[ 1297.557614][T24047]  ? blk_alloc_queue+0x574/0x640
[ 1297.562529][T24047]  blk_mq_init_queue+0x6c/0xc0
[ 1297.567275][T24047]  loop_add+0x270/0x760
[ 1297.571421][T24047]  loop_control_ioctl+0x564/0x740
[ 1297.576417][T24047]  ? loop_remove+0xb0/0xb0
[ 1297.580803][T24047]  ? __fget_files+0x310/0x370
[ 1297.585560][T24047]  ? security_file_ioctl+0xb1/0xd0
[ 1297.590643][T24047]  ? loop_remove+0xb0/0xb0
[ 1297.595148][T24047]  __se_sys_ioctl+0x115/0x190
[ 1297.599799][T24047]  __x64_sys_ioctl+0x7b/0x90
[ 1297.604448][T24047]  do_syscall_64+0x34/0x70
[ 1297.608836][T24047]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1297.614707][T24047] RIP: 0033:0x7f77b238e0d9
[ 1297.619094][T24047] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1297.638671][T24047] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1297.647057][T24047] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1297.655002][T24047] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1297.662955][T24047] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1297.670899][T24047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1297.678843][T24047] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1297.687592][   T23] audit: type=1326 audit(1669991547.139:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
[ 1297.739941][   T23] audit: type=1326 audit(1669991547.189:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24041 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:27 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200402}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x133d}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4011)

14:32:27 executing program 0:
bpf$MAP_CREATE(0x5, 0x0, 0x0)

14:32:27 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1500, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:27 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 24)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1297.945985][T24068] FAULT_INJECTION: forcing a failure.
[ 1297.945985][T24068] name failslab, interval 1, probability 0, space 0, times 0
[ 1297.959222][T24068] CPU: 1 PID: 24068 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1297.969542][T24068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1297.979578][T24068] Call Trace:
[ 1297.982845][T24068]  dump_stack_lvl+0x1e2/0x24b
[ 1297.987492][T24068]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1297.992919][T24068]  dump_stack+0x15/0x17
[ 1297.997046][T24068]  should_fail+0x3c0/0x510
[ 1298.001440][T24068]  ? blk_stat_alloc_callback+0x8e/0x210
[ 1298.006959][T24068]  __should_failslab+0x9f/0xe0
[ 1298.011713][T24068]  should_failslab+0x9/0x20
[ 1298.016205][T24068]  __kmalloc+0x60/0x360
[ 1298.020342][T24068]  ? kmem_cache_alloc_trace+0x1dd/0x330
[ 1298.025869][T24068]  ? blk_stat_alloc_callback+0x60/0x210
[ 1298.031384][T24068]  ? blk_mq_poll_stats_fn+0x130/0x130
[ 1298.036730][T24068]  blk_stat_alloc_callback+0x8e/0x210
[ 1298.042070][T24068]  ? blk_mq_free_tag_set+0x690/0x690
[ 1298.047326][T24068]  ? blk_mq_poll_stats_fn+0x130/0x130
[ 1298.052669][T24068]  blk_mq_init_allocated_queue+0x8f/0x1a30
[ 1298.058445][T24068]  ? blk_set_default_limits+0x17b/0x410
[ 1298.063964][T24068]  ? blk_alloc_queue+0x574/0x640
[ 1298.068872][T24068]  blk_mq_init_queue+0x6c/0xc0
[ 1298.073609][T24068]  loop_add+0x270/0x760
[ 1298.077741][T24068]  loop_control_ioctl+0x564/0x740
[ 1298.082736][T24068]  ? loop_remove+0xb0/0xb0
[ 1298.087123][T24068]  ? __fget_files+0x310/0x370
[ 1298.091770][T24068]  ? security_file_ioctl+0xb1/0xd0
[ 1298.096852][T24068]  ? loop_remove+0xb0/0xb0
[ 1298.101238][T24068]  __se_sys_ioctl+0x115/0x190
[ 1298.105884][T24068]  __x64_sys_ioctl+0x7b/0x90
[ 1298.110447][T24068]  do_syscall_64+0x34/0x70
[ 1298.114837][T24068]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1298.120700][T24068] RIP: 0033:0x7f77b238e0d9
[ 1298.125088][T24068] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1298.144664][T24068] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1298.153058][T24068] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1298.161003][T24068] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1298.168950][T24068] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1298.176978][T24068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1298.184924][T24068] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:29 executing program 0:
bpf$MAP_CREATE(0x5, 0x0, 0x0)

14:32:29 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x3, 0x0, 0x0, 0x7}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))
ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040))
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000140))

14:32:29 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1600, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200402}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x133d}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4011)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)) (async)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200402}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x133d}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4011) (async)

14:32:29 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 25)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200402}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x4c, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x133d}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4011)

14:32:29 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000880)=ANY=[@ANYBLOB='ip_vti0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=<r8=>r2, @ANYBLOB="0700780000000004000000034d0200b400660000052f90787f00000100000000443c8371ac1414aaffffffff0a01010000000009ac1e000100000003ac1414bb00000007ffffffff0000000600000000000004016401010100000007070b65ac1e0001ac1414aa00440c2a7000000009000100019404000001891f48ac1414aaac1414aaac1414bbe0000002ac1e0101ac1e0001ac1414bb07134864010101ac1414bbac14142ae000000283134a0a0101027f000001ac1414bb7f0000010000806c12d28d65f2eb0bc59a2e96da534305cd6a9b4105d8f520dabb9574d83a1e52480de8e09b60ca6eb189cff690c26b80f22d062b993362bbb55e391c3ecd0b50029a959be87d003db263f58db96f2b78a4fd2baf0cc535d57ffa28ad62e7e9cf078816adfe3a87ef167ffb579e09d924f806eebfe33692eba20c8d0c2bc8e740a852c583331f4fa08a767567c6e56cf03bad274001e3cb2efb24217795b8385d8ffbe700a395b5f01feea8b2"]})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r9=>r2, 0x7800, 0x8, 0x7fff, 0x1, {{0x6, 0x4, 0x0, 0x12, 0x18, 0x64, 0x0, 0x81, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @dev={0xac, 0x14, 0x14, 0x25}, {[@ra={0x94, 0x4, 0x1}]}}}}})
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0xb4, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb4}}, 0x20008000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
syz_genetlink_get_family_id$fou(&(0x7f0000000180), r3)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r13=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r13}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x240000d0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:29 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1700, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:29 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x3, 0x0, 0x0, 0x7}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))
ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040))
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000140))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x3, 0x0, 0x0, 0x7}]}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (async)
ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040)) (async)
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000140)) (async)

14:32:29 executing program 0:
bpf$MAP_CREATE(0x5, 0x0, 0x0)

[ 1300.413107][T24082] FAULT_INJECTION: forcing a failure.
[ 1300.413107][T24082] name failslab, interval 1, probability 0, space 0, times 0
[ 1300.431116][   T23] audit: type=1326 audit(1669991549.879:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24085 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:29 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x8}, 0x48)

14:32:29 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:29 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (fail_nth: 1)

[ 1300.432570][T24082] CPU: 1 PID: 24082 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1300.464871][T24082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1300.474923][T24082] Call Trace:
[ 1300.478212][T24082]  dump_stack_lvl+0x1e2/0x24b
[ 1300.482893][T24082]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1300.488349][T24082]  dump_stack+0x15/0x17
[ 1300.492502][T24082]  should_fail+0x3c0/0x510
[ 1300.492552][T24095] FAULT_INJECTION: forcing a failure.
[ 1300.492552][T24095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1300.496950][T24082]  ? blk_mq_init_allocated_queue+0xf8/0x1a30
[ 1300.496960][T24082]  __should_failslab+0x9f/0xe0
[ 1300.496971][T24082]  should_failslab+0x9/0x20
[ 1300.496979][T24082]  kmem_cache_alloc_trace+0x3a/0x330
[ 1300.496988][T24082]  ? blk_stat_alloc_callback+0x19b/0x210
[ 1300.497004][T24082]  ? blk_mq_free_tag_set+0x690/0x690
[ 1300.541273][T24082]  ? blk_mq_poll_stats_fn+0x130/0x130
[ 1300.546633][T24082]  blk_mq_init_allocated_queue+0xf8/0x1a30
[ 1300.552426][T24082]  ? blk_set_default_limits+0x17b/0x410
[ 1300.557957][T24082]  ? blk_alloc_queue+0x574/0x640
[ 1300.562875][T24082]  blk_mq_init_queue+0x6c/0xc0
[ 1300.567622][T24082]  loop_add+0x270/0x760
[ 1300.571762][T24082]  loop_control_ioctl+0x564/0x740
[ 1300.576763][T24082]  ? loop_remove+0xb0/0xb0
[ 1300.581157][T24082]  ? __fget_files+0x310/0x370
[ 1300.585815][T24082]  ? security_file_ioctl+0xb1/0xd0
[ 1300.590902][T24082]  ? loop_remove+0xb0/0xb0
[ 1300.595305][T24082]  __se_sys_ioctl+0x115/0x190
[ 1300.599968][T24082]  __x64_sys_ioctl+0x7b/0x90
[ 1300.604545][T24082]  do_syscall_64+0x34/0x70
[ 1300.608953][T24082]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1300.614830][T24082] RIP: 0033:0x7f77b238e0d9
[ 1300.619225][T24082] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1300.638814][T24082] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1300.647214][T24082] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1300.655166][T24082] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1300.663117][T24082] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1300.671068][T24082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1300.679023][T24082] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1300.686986][T24095] CPU: 0 PID: 24095 Comm: syz-executor.0 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1300.697302][T24095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1300.707349][T24095] Call Trace:
[ 1300.710634][T24095]  dump_stack_lvl+0x1e2/0x24b
[ 1300.715304][T24095]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1300.720758][T24095]  dump_stack+0x15/0x17
[ 1300.725165][T24095]  should_fail+0x3c0/0x510
[ 1300.729661][T24095]  should_fail_usercopy+0x1a/0x20
[ 1300.734791][T24095]  _copy_from_user+0x20/0xd0
[ 1300.739384][T24095]  __do_sys_bpf+0x18f/0x6c0
[ 1300.743882][T24095]  ? fput_many+0x47/0x1a0
[ 1300.748211][T24095]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 1300.753580][T24095]  ? debug_smp_processor_id+0x17/0x20
[ 1300.758950][T24095]  __x64_sys_bpf+0x7a/0x90
[ 1300.763535][T24095]  do_syscall_64+0x34/0x70
[ 1300.767953][T24095]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1300.773833][T24095] RIP: 0033:0x7f30e4d840d9
[ 1300.778339][T24095] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1300.797934][T24095] RSP: 002b:00007f30e3af7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1300.806349][T24095] RAX: ffffffffffffffda RBX: 00007f30e4ea3f80 RCX: 00007f30e4d840d9
14:32:30 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))

[ 1300.814314][T24095] RDX: 0000000000000048 RSI: 00000000200001c0 RDI: 0000000000000005
[ 1300.822289][T24095] RBP: 00007f30e3af71d0 R08: 0000000000000000 R09: 0000000000000000
[ 1300.830263][T24095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1300.838228][T24095] R13: 00007ffda49141ef R14: 00007f30e3af7300 R15: 0000000000022000
14:32:30 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (fail_nth: 2)

14:32:30 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1800, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1300.847213][   T23] audit: type=1326 audit(1669991550.139:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24085 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
[ 1300.887044][T24103] FAULT_INJECTION: forcing a failure.
[ 1300.887044][T24103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1300.910334][   T23] audit: type=1326 audit(1669991550.359:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24102 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1300.923630][T24103] CPU: 1 PID: 24103 Comm: syz-executor.0 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1300.944088][T24103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1300.954138][T24103] Call Trace:
[ 1300.957425][T24103]  dump_stack_lvl+0x1e2/0x24b
[ 1300.962094][T24103]  ? panic+0x7d7/0x7d7
[ 1300.965522][   T23] audit: type=1326 audit(1669991550.399:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24102 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1300.966156][T24103]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1300.994993][T24103]  ? kstrtouint_from_user+0x215/0x2b0
[ 1301.000368][T24103]  ? kstrtol_from_user+0x310/0x310
[ 1301.005474][T24103]  ? ___handle_speculative_fault+0x1122/0x1470
[ 1301.011621][T24103]  dump_stack+0x15/0x17
[ 1301.015773][T24103]  should_fail+0x3c0/0x510
[ 1301.020188][T24103]  should_fail_usercopy+0x1a/0x20
[ 1301.025205][T24103]  strncpy_from_user+0x24/0x2b0
[ 1301.030054][T24103]  bpf_prog_load+0x1c8/0x1b70
[ 1301.034728][T24103]  ? map_freeze+0x310/0x310
[ 1301.039230][T24103]  ? selinux_bpf+0xcb/0x100
[ 1301.043728][T24103]  ? security_bpf+0xb0/0xd0
[ 1301.048224][T24103]  __do_sys_bpf+0x441/0x6c0
[ 1301.052718][T24103]  ? fput_many+0x47/0x1a0
[ 1301.057043][T24103]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 1301.062498][T24103]  ? debug_smp_processor_id+0x17/0x20
[ 1301.067864][T24103]  __x64_sys_bpf+0x7a/0x90
[ 1301.072276][T24103]  do_syscall_64+0x34/0x70
[ 1301.076691][T24103]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1301.082573][T24103] RIP: 0033:0x7f30e4d840d9
[ 1301.087073][T24103] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1301.106679][T24103] RSP: 002b:00007f30e3af7168 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
14:32:30 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 26)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:30 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x3, 0x0, 0x0, 0x7}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (async)
ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000040))
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000140))

[ 1301.115097][T24103] RAX: ffffffffffffffda RBX: 00007f30e4ea3f80 RCX: 00007f30e4d840d9
[ 1301.123064][T24103] RDX: 0000000000000048 RSI: 00000000200001c0 RDI: 0000000000000005
[ 1301.131036][T24103] RBP: 00007f30e3af71d0 R08: 0000000000000000 R09: 0000000000000000
[ 1301.139016][T24103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1301.146988][T24103] R13: 00007ffda49141ef R14: 00007f30e3af7300 R15: 0000000000022000
14:32:30 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000880)=ANY=[@ANYBLOB='ip_vti0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=<r8=>r2, @ANYBLOB="0700780000000004000000034d0200b400660000052f90787f00000100000000443c8371ac1414aaffffffff0a01010000000009ac1e000100000003ac1414bb00000007ffffffff0000000600000000000004016401010100000007070b65ac1e0001ac1414aa00440c2a7000000009000100019404000001891f48ac1414aaac1414aaac1414bbe0000002ac1e0101ac1e0001ac1414bb07134864010101ac1414bbac14142ae000000283134a0a0101027f000001ac1414bb7f0000010000806c12d28d65f2eb0bc59a2e96da534305cd6a9b4105d8f520dabb9574d83a1e52480de8e09b60ca6eb189cff690c26b80f22d062b993362bbb55e391c3ecd0b50029a959be87d003db263f58db96f2b78a4fd2baf0cc535d57ffa28ad62e7e9cf078816adfe3a87ef167ffb579e09d924f806eebfe33692eba20c8d0c2bc8e740a852c583331f4fa08a767567c6e56cf03bad274001e3cb2efb24217795b8385d8ffbe700a395b5f01feea8b2"]}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r9=>r2, 0x7800, 0x8, 0x7fff, 0x1, {{0x6, 0x4, 0x0, 0x12, 0x18, 0x64, 0x0, 0x81, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @dev={0xac, 0x14, 0x14, 0x25}, {[@ra={0x94, 0x4, 0x1}]}}}}})
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0xb4, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb4}}, 0x20008000) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
syz_genetlink_get_family_id$fou(&(0x7f0000000180), r3) (async)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r13=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r13}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x240000d0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:30 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1900, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1301.171427][T24114] FAULT_INJECTION: forcing a failure.
[ 1301.171427][T24114] name failslab, interval 1, probability 0, space 0, times 0
[ 1301.200274][T24114] CPU: 1 PID: 24114 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1301.210616][T24114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1301.220664][T24114] Call Trace:
[ 1301.223958][T24114]  dump_stack_lvl+0x1e2/0x24b
[ 1301.228635][T24114]  ? panic+0x7d7/0x7d7
[ 1301.232699][T24114]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1301.238157][T24114]  ? pcpu_block_refresh_hint+0x20d/0x350
[ 1301.243796][T24114]  ? pcpu_block_update_hint_alloc+0x96c/0xd00
[ 1301.249863][T24114]  dump_stack+0x15/0x17
[ 1301.254015][T24114]  should_fail+0x3c0/0x510
[ 1301.258430][T24114]  ? blk_mq_realloc_hw_ctxs+0xca/0x1840
[ 1301.263984][T24114]  __should_failslab+0x9f/0xe0
[ 1301.268759][T24114]  should_failslab+0x9/0x20
[ 1301.273270][T24114]  __kmalloc+0x60/0x360
[ 1301.277428][T24114]  ? trace_raw_output_percpu_destroy_chunk+0xc0/0xc0
[ 1301.284113][T24114]  blk_mq_realloc_hw_ctxs+0xca/0x1840
[ 1301.289488][T24114]  ? pcpu_alloc+0x13e8/0x1420
[ 1301.294162][T24114]  ? find_next_bit+0xd6/0x120
[ 1301.298834][T24114]  ? cpumask_next+0x11/0x30
[ 1301.303335][T24114]  ? blk_mq_sysfs_init+0x1c1/0x200
[ 1301.308616][T24114]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1301.314508][T24114]  ? blk_set_default_limits+0x17b/0x410
[ 1301.320141][T24114]  ? blk_alloc_queue+0x574/0x640
[ 1301.325082][T24114]  blk_mq_init_queue+0x6c/0xc0
[ 1301.329842][T24114]  loop_add+0x270/0x760
[ 1301.334001][T24114]  loop_control_ioctl+0x564/0x740
[ 1301.339029][T24114]  ? loop_remove+0xb0/0xb0
[ 1301.343435][T24114]  ? __fget_files+0x310/0x370
[ 1301.348113][T24114]  ? security_file_ioctl+0xb1/0xd0
[ 1301.353216][T24114]  ? loop_remove+0xb0/0xb0
[ 1301.357625][T24114]  __se_sys_ioctl+0x115/0x190
[ 1301.362298][T24114]  __x64_sys_ioctl+0x7b/0x90
[ 1301.366878][T24114]  do_syscall_64+0x34/0x70
[ 1301.371284][T24114]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1301.377168][T24114] RIP: 0033:0x7f77b238e0d9
[ 1301.381573][T24114] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1301.401181][T24114] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1301.409596][T24114] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:30 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (fail_nth: 3)

14:32:30 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1a00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:30 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1b00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1301.417558][T24114] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1301.425506][T24114] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1301.433450][T24114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1301.441395][T24114] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1301.457347][T24123] FAULT_INJECTION: forcing a failure.
[ 1301.457347][T24123] name fail_usercopy, interval 1, probability 0, space 0, times 0
14:32:30 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 27)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:30 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0}) (async, rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0}) (rerun: 32)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (rerun: 64)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000880)=ANY=[@ANYBLOB='ip_vti0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=<r8=>r2, @ANYBLOB="0700780000000004000000034d0200b400660000052f90787f00000100000000443c8371ac1414aaffffffff0a01010000000009ac1e000100000003ac1414bb00000007ffffffff0000000600000000000004016401010100000007070b65ac1e0001ac1414aa00440c2a7000000009000100019404000001891f48ac1414aaac1414aaac1414bbe0000002ac1e0101ac1e0001ac1414bb07134864010101ac1414bbac14142ae000000283134a0a0101027f000001ac1414bb7f0000010000806c12d28d65f2eb0bc59a2e96da534305cd6a9b4105d8f520dabb9574d83a1e52480de8e09b60ca6eb189cff690c26b80f22d062b993362bbb55e391c3ecd0b50029a959be87d003db263f58db96f2b78a4fd2baf0cc535d57ffa28ad62e7e9cf078816adfe3a87ef167ffb579e09d924f806eebfe33692eba20c8d0c2bc8e740a852c583331f4fa08a767567c6e56cf03bad274001e3cb2efb24217795b8385d8ffbe700a395b5f01feea8b2"]})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r9=>r2, 0x7800, 0x8, 0x7fff, 0x1, {{0x6, 0x4, 0x0, 0x12, 0x18, 0x64, 0x0, 0x81, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @dev={0xac, 0x14, 0x14, 0x25}, {[@ra={0x94, 0x4, 0x1}]}}}}}) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 64)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0xb4, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xb4}}, 0x20008000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
syz_genetlink_get_family_id$fou(&(0x7f0000000180), r3) (async, rerun: 64)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r13=>0x0}, &(0x7f0000000340)=0x14) (rerun: 64)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r13}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x240000d0}, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1301.527242][T24123] CPU: 0 PID: 24123 Comm: syz-executor.0 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1301.537593][T24123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1301.547653][T24123] Call Trace:
[ 1301.550944][T24123]  dump_stack_lvl+0x1e2/0x24b
[ 1301.555615][T24123]  ? panic+0x7d7/0x7d7
[ 1301.559684][T24123]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1301.565256][T24123]  dump_stack+0x15/0x17
[ 1301.569416][T24123]  should_fail+0x3c0/0x510
[ 1301.573836][T24123]  should_fail_usercopy+0x1a/0x20
[ 1301.578858][T24123]  _copy_to_user+0x20/0x90
[ 1301.583270][T24123]  simple_read_from_buffer+0xdd/0x160
[ 1301.588640][T24123]  proc_fail_nth_read+0x1af/0x220
[ 1301.593669][T24123]  ? security_file_permission+0x9d/0xc0
[ 1301.599212][T24123]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1301.604481][T24144] FAULT_INJECTION: forcing a failure.
[ 1301.604481][T24144] name failslab, interval 1, probability 0, space 0, times 0
[ 1301.604921][T24123]  ? security_file_permission+0xa8/0xc0
[ 1301.604934][T24123]  ? rw_verify_area+0x1c2/0x360
[ 1301.604945][T24123]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 1301.604964][T24123]  vfs_read+0x22b/0xbf0
[ 1301.637667][T24123]  ? kernel_read+0x70/0x70
[ 1301.642079][T24123]  ? __kasan_check_write+0x14/0x20
[ 1301.647174][T24123]  ? mutex_lock+0xb2/0x1e0
[ 1301.651576][T24123]  ? mutex_trylock+0x180/0x180
[ 1301.656327][T24123]  ? __fdget_pos+0x26d/0x310
[ 1301.660904][T24123]  ? ksys_read+0x77/0x2c0
[ 1301.665216][T24123]  ksys_read+0x198/0x2c0
[ 1301.669440][T24123]  ? vfs_write+0xf80/0xf80
[ 1301.673838][T24123]  ? debug_smp_processor_id+0x17/0x20
[ 1301.679190][T24123]  __x64_sys_read+0x7b/0x90
[ 1301.683676][T24123]  do_syscall_64+0x34/0x70
[ 1301.688073][T24123]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1301.693962][T24123] RIP: 0033:0x7f30e4d35efc
[ 1301.698372][T24123] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1301.717966][T24123] RSP: 002b:00007f30e3af7160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1301.726364][T24123] RAX: ffffffffffffffda RBX: 00007f30e4ea3f80 RCX: 00007f30e4d35efc
[ 1301.734314][T24123] RDX: 000000000000000f RSI: 00007f30e3af71e0 RDI: 0000000000000003
[ 1301.742267][T24123] RBP: 00007f30e3af71d0 R08: 0000000000000000 R09: 0000000000000000
[ 1301.750220][T24123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1301.758175][T24123] R13: 00007ffda49141ef R14: 00007f30e3af7300 R15: 0000000000022000
[ 1301.766136][T24144] CPU: 1 PID: 24144 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1301.776454][T24144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1301.786499][T24144] Call Trace:
[ 1301.789774][T24144]  dump_stack_lvl+0x1e2/0x24b
[ 1301.794426][T24144]  ? panic+0x7d7/0x7d7
[ 1301.798473][T24144]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1301.803906][T24144]  dump_stack+0x15/0x17
[ 1301.808125][T24144]  should_fail+0x3c0/0x510
[ 1301.812516][T24144]  ? blk_mq_realloc_hw_ctxs+0x4bb/0x1840
[ 1301.818119][T24144]  __should_failslab+0x9f/0xe0
[ 1301.822874][T24144]  should_failslab+0x9/0x20
[ 1301.827350][T24144]  __kmalloc+0x60/0x360
[ 1301.831479][T24144]  ? blk_mq_hw_queue_to_node+0x101/0x120
[ 1301.837089][T24144]  blk_mq_realloc_hw_ctxs+0x4bb/0x1840
[ 1301.842521][T24144]  ? cpumask_next+0x11/0x30
[ 1301.847000][T24144]  ? blk_mq_sysfs_init+0x1c1/0x200
[ 1301.852084][T24144]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1301.857950][T24144]  ? blk_set_default_limits+0x17b/0x410
[ 1301.863472][T24144]  ? blk_alloc_queue+0x574/0x640
[ 1301.868382][T24144]  blk_mq_init_queue+0x6c/0xc0
[ 1301.873119][T24144]  loop_add+0x270/0x760
[ 1301.877252][T24144]  loop_control_ioctl+0x564/0x740
[ 1301.882250][T24144]  ? loop_remove+0xb0/0xb0
[ 1301.886639][T24144]  ? __fget_files+0x310/0x370
[ 1301.891300][T24144]  ? security_file_ioctl+0xb1/0xd0
[ 1301.896388][T24144]  ? loop_remove+0xb0/0xb0
[ 1301.900777][T24144]  __se_sys_ioctl+0x115/0x190
[ 1301.905521][T24144]  __x64_sys_ioctl+0x7b/0x90
[ 1301.910095][T24144]  do_syscall_64+0x34/0x70
[ 1301.914490][T24144]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1301.920354][T24144] RIP: 0033:0x7f77b238e0d9
[ 1301.924744][T24144] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1301.944496][T24144] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1301.952882][T24144] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1301.960827][T24144] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1301.968773][T24144] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
14:32:31 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)) (async)

14:32:31 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1c00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:31 executing program 2:
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
getpeername$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r4=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r6)
getpeername$packet(r5, &(0x7f0000000300)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r6, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r8=>0x0})
r9 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r9, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r9, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r11=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="cf00008d", @ANYRES16=r10, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r11, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000740)={&(0x7f0000000240)={0x4d4, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x4}}, {{0x8}, {0x134, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5334}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x20}}}]}}, {{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x6, 0x3, 0x0, 0x3}, {0x7, 0xf4, 0x5, 0x48}, {0x5, 0x1, 0x6, 0x4}, {0xdf7, 0x9, 0x3, 0x5}, {0x0, 0x1, 0x5b, 0x20}, {0x81, 0x1, 0x8, 0xff}]}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x204, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r11}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x271f}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x9, 0x7, 0x3d, 0x2}, {0x2, 0x0, 0x3c, 0x6}, {0x5, 0x9, 0x3, 0x9}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x39e6}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x4000015}, 0x800)

14:32:31 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:31 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1d00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1301.976719][T24144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1301.984669][T24144] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1301.997524][   T23] audit: type=1326 audit(1669991551.449:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24137 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=44 compat=0 ip=0x7f57d0c7d10c code=0x0
14:32:31 executing program 0:
bpf$MAP_CREATE(0x2, &(0x7f00000001c0), 0x48)

14:32:31 executing program 2:
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async)
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
getpeername$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r4=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r6) (async)
getpeername$packet(r5, &(0x7f0000000300)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r6, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r8=>0x0}) (async)
r9 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r9, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r9, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r11=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="cf00008d", @ANYRES16=r10, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r11, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000740)={&(0x7f0000000240)={0x4d4, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x4}}, {{0x8}, {0x134, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5334}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x20}}}]}}, {{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x6, 0x3, 0x0, 0x3}, {0x7, 0xf4, 0x5, 0x48}, {0x5, 0x1, 0x6, 0x4}, {0xdf7, 0x9, 0x3, 0x5}, {0x0, 0x1, 0x5b, 0x20}, {0x81, 0x1, 0x8, 0xff}]}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x204, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r11}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x271f}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x9, 0x7, 0x3d, 0x2}, {0x2, 0x0, 0x3c, 0x6}, {0x5, 0x9, 0x3, 0x9}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x39e6}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x4000015}, 0x800)

14:32:31 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1e00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:31 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 28)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:31 executing program 0:
bpf$MAP_CREATE(0x3, &(0x7f00000001c0), 0x48)

[ 1302.038154][   T23] audit: type=1326 audit(1669991551.449:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24137 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:31 executing program 2:
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) (async)
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
getpeername$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r4=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (rerun: 64)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r6)
getpeername$packet(r5, &(0x7f0000000300)={0x11, 0x0, <r7=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r6, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)={0x34, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r8=>0x0}) (rerun: 64)
r9 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r9, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r9, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 64)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r11=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="cf00008d", @ANYRES16=r10, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fc0200000000000000000000000000001400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r11, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000740)={&(0x7f0000000240)={0x4d4, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x4}}, {{0x8}, {0x134, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5334}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x20}}}]}}, {{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x6, 0x3, 0x0, 0x3}, {0x7, 0xf4, 0x5, 0x48}, {0x5, 0x1, 0x6, 0x4}, {0xdf7, 0x9, 0x3, 0x5}, {0x0, 0x1, 0x5b, 0x20}, {0x81, 0x1, 0x8, 0xff}]}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x204, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r11}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x271f}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x9, 0x7, 0x3d, 0x2}, {0x2, 0x0, 0x3c, 0x6}, {0x5, 0x9, 0x3, 0x9}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x39e6}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x4000015}, 0x800)

[ 1302.090314][T24167] FAULT_INJECTION: forcing a failure.
[ 1302.090314][T24167] name failslab, interval 1, probability 0, space 0, times 0
[ 1302.106657][T24167] CPU: 0 PID: 24167 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1302.116992][T24167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1302.127052][T24167] Call Trace:
[ 1302.130341][T24167]  dump_stack_lvl+0x1e2/0x24b
[ 1302.134993][T24167]  ? panic+0x7d7/0x7d7
[ 1302.139030][T24167]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1302.144464][T24167]  dump_stack+0x15/0x17
[ 1302.148590][T24167]  should_fail+0x3c0/0x510
[ 1302.152979][T24167]  ? blk_mq_realloc_hw_ctxs+0x802/0x1840
[ 1302.158594][T24167]  __should_failslab+0x9f/0xe0
[ 1302.163330][T24167]  should_failslab+0x9/0x20
[ 1302.167801][T24167]  __kmalloc+0x60/0x360
[ 1302.171927][T24167]  ? blk_mq_realloc_hw_ctxs+0x4bb/0x1840
[ 1302.177527][T24167]  blk_mq_realloc_hw_ctxs+0x802/0x1840
[ 1302.183005][T24167]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1302.188866][T24167]  ? blk_set_default_limits+0x17b/0x410
[ 1302.194382][T24167]  ? blk_alloc_queue+0x574/0x640
[ 1302.199290][T24167]  blk_mq_init_queue+0x6c/0xc0
[ 1302.204025][T24167]  loop_add+0x270/0x760
[ 1302.208155][T24167]  loop_control_ioctl+0x564/0x740
[ 1302.213151][T24167]  ? loop_remove+0xb0/0xb0
[ 1302.217536][T24167]  ? __fget_files+0x310/0x370
[ 1302.222182][T24167]  ? security_file_ioctl+0xb1/0xd0
[ 1302.227260][T24167]  ? loop_remove+0xb0/0xb0
[ 1302.231647][T24167]  __se_sys_ioctl+0x115/0x190
[ 1302.236292][T24167]  __x64_sys_ioctl+0x7b/0x90
[ 1302.240850][T24167]  do_syscall_64+0x34/0x70
[ 1302.245237][T24167]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1302.251096][T24167] RIP: 0033:0x7f77b238e0d9
[ 1302.255492][T24167] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1302.275071][T24167] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1302.283454][T24167] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1302.291395][T24167] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1302.299336][T24167] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1302.307279][T24167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1302.315223][T24167] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:33 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00ff00", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$SIOCGETSGCNT(r1, 0x89e1, &(0x7f00000001c0)={@multicast2, @local})

14:32:33 executing program 0:
bpf$MAP_CREATE(0x4, &(0x7f00000001c0), 0x48)

14:32:33 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1f00, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:33 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 29)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:33 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080))
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
getsockopt$MRT(r1, 0x0, 0xd0, &(0x7f0000000000), &(0x7f00000001c0)=0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r2=>0x0})
pipe2$watch_queue(&(0x7f0000000180), 0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={r2, 0x1, r3, 0x3, 0x80000})
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1411)

14:32:33 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)) (async)

[ 1304.529581][   T23] kauditd_printk_skb: 3 callbacks suppressed
[ 1304.529593][   T23] audit: type=1326 audit(1669991553.979:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24179 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1304.534679][T24184] FAULT_INJECTION: forcing a failure.
[ 1304.534679][T24184] name failslab, interval 1, probability 0, space 0, times 0
14:32:34 executing program 0:
bpf$MAP_CREATE(0x6, &(0x7f00000001c0), 0x48)

14:32:34 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:34 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)) (async)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
getsockopt$MRT(r1, 0x0, 0xd0, &(0x7f0000000000), &(0x7f00000001c0)=0x4) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r2=>0x0})
pipe2$watch_queue(&(0x7f0000000180), 0x80) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={r2, 0x1, r3, 0x3, 0x80000}) (async)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1411)

[ 1304.571919][   T23] audit: type=1326 audit(1669991554.019:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24183 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1304.585614][T24184] CPU: 1 PID: 24184 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1304.605657][T24184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1304.615698][T24184] Call Trace:
[ 1304.618972][T24184]  dump_stack_lvl+0x1e2/0x24b
[ 1304.623626][T24184]  ? panic+0x7d7/0x7d7
[ 1304.627669][T24184]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1304.633105][T24184]  dump_stack+0x15/0x17
[ 1304.637513][T24184]  should_fail+0x3c0/0x510
[ 1304.641937][T24184]  ? sbitmap_init_node+0x148/0x3d0
[ 1304.647032][T24184]  __should_failslab+0x9f/0xe0
[ 1304.651776][T24184]  should_failslab+0x9/0x20
[ 1304.656255][T24184]  __kmalloc+0x60/0x360
[ 1304.660392][T24184]  sbitmap_init_node+0x148/0x3d0
[ 1304.665306][T24184]  blk_mq_realloc_hw_ctxs+0x896/0x1840
[ 1304.670743][T24184]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1304.676609][T24184]  ? blk_set_default_limits+0x17b/0x410
[ 1304.682150][T24184]  ? blk_alloc_queue+0x574/0x640
[ 1304.687088][T24184]  blk_mq_init_queue+0x6c/0xc0
[ 1304.691846][T24184]  loop_add+0x270/0x760
[ 1304.695983][T24184]  loop_control_ioctl+0x564/0x740
[ 1304.701112][T24184]  ? loop_remove+0xb0/0xb0
[ 1304.705535][T24184]  ? __fget_files+0x310/0x370
[ 1304.710206][T24184]  ? security_file_ioctl+0xb1/0xd0
[ 1304.715317][T24184]  ? loop_remove+0xb0/0xb0
[ 1304.719731][T24184]  __se_sys_ioctl+0x115/0x190
[ 1304.724400][T24184]  __x64_sys_ioctl+0x7b/0x90
[ 1304.728966][T24184]  do_syscall_64+0x34/0x70
[ 1304.733361][T24184]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1304.739229][T24184] RIP: 0033:0x7f77b238e0d9
[ 1304.743624][T24184] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1304.763203][T24184] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1304.771593][T24184] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:34 executing program 0:
bpf$MAP_CREATE(0x7, &(0x7f00000001c0), 0x48)

[ 1304.779539][T24184] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1304.787485][T24184] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1304.795431][T24184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1304.803413][T24184] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:34 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x4, &(0x7f0000000080)=[{0x16, 0x0, 0x0, 0x800}, {0x3f, 0x6, 0x8, 0x10000}, {0x6, 0x20, 0x3}, {0x4, 0x5, 0x1f, 0x164}]})
r0 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x3ff, 0x10281)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000100))
r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x26, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1912)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001b00000010001a006161000008009a0000000000"], 0x24}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r2)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x20, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x22040004}, 0x20000004)

14:32:34 executing program 2:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080))
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
getsockopt$MRT(r1, 0x0, 0xd0, &(0x7f0000000000), &(0x7f00000001c0)=0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r2=>0x0})
pipe2$watch_queue(&(0x7f0000000180), 0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={r2, 0x1, r3, 0x3, 0x80000})
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1411)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)) (async)
pipe2$watch_queue(&(0x7f0000000040), 0x80) (async)
getsockopt$MRT(r1, 0x0, 0xd0, &(0x7f0000000000), &(0x7f00000001c0)=0x4) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (async)
pipe2$watch_queue(&(0x7f0000000180), 0x80) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000140)={r2, 0x1, r3, 0x3, 0x80000}) (async)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1411) (async)

[ 1304.846771][   T23] audit: type=1326 audit(1669991554.049:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24179 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1304.877675][T24202] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[ 1304.915459][   T23] audit: type=1326 audit(1669991554.059:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24183 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:32:34 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00ff00", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$SIOCGETSGCNT(r1, 0x89e1, &(0x7f00000001c0)={@multicast2, @local})

14:32:34 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2100, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:34 executing program 0:
bpf$MAP_CREATE(0x8, &(0x7f00000001c0), 0x48)

14:32:34 executing program 2:
timer_getoverrun(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
timer_create(0x0, &(0x7f0000000040)={0x0, 0x39, 0x4, @thr={&(0x7f00000000c0)="8bc397ccf601792968cfdbb4b5126a2054989ebc20b22f4434a4f5bb0978edd3e43219706ec82fc22f3de9ebac825034335e6a7e8b56d2d6a54dc2f0a675e70536dba08f2237ceb8b13ca7b43cdd1ae8df11d43ace1cb6f12f0534184354fd47678734c64ecc1e9cf5370d3a4080b936f39983208096c8780d2cabb1fb829428c41110a0", &(0x7f0000000180)="b08d3fcae11e9df9f354ba6f7171ee1a4f87e90bca34b578f2ccaa55e375dc0e8b6b06525429d5545e1017451cdc4f478a70a53238b9f097e6b6e8a9119debb5fbb49c9995c3db8d96"}}, &(0x7f0000000200)=<r0=>0x0)
timer_getoverrun(r0)

14:32:34 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x4, &(0x7f0000000080)=[{0x16, 0x0, 0x0, 0x800}, {0x3f, 0x6, 0x8, 0x10000}, {0x6, 0x20, 0x3}, {0x4, 0x5, 0x1f, 0x164}]}) (async)
r0 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x3ff, 0x10281)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000100)) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x26, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1912) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001b00000010001a006161000008009a0000000000"], 0x24}}, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r2)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x20, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x22040004}, 0x20000004)

14:32:34 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 30)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:34 executing program 0:
bpf$MAP_CREATE(0x9, &(0x7f00000001c0), 0x48)

[ 1305.083277][   T23] audit: type=1326 audit(1669991554.529:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24211 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1305.107309][T24214] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[ 1305.122395][T24222] FAULT_INJECTION: forcing a failure.
14:32:34 executing program 0:
bpf$MAP_CREATE(0xa, &(0x7f00000001c0), 0x48)

14:32:34 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x4, &(0x7f0000000080)=[{0x16, 0x0, 0x0, 0x800}, {0x3f, 0x6, 0x8, 0x10000}, {0x6, 0x20, 0x3}, {0x4, 0x5, 0x1f, 0x164}]}) (async)
r0 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x3ff, 0x10281)
ioctl$RTC_RD_TIME(r0, 0x80247009, &(0x7f0000000100))
r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x26, 0x0)
ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1912) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001b00000010001a006161000008009a0000000000"], 0x24}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r2)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4) (async)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x20, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x22040004}, 0x20000004)

14:32:34 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2200, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:34 executing program 0:
bpf$MAP_CREATE(0xb, &(0x7f00000001c0), 0x48)

[ 1305.122395][T24222] name failslab, interval 1, probability 0, space 0, times 0
[ 1305.136769][T24222] CPU: 0 PID: 24222 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1305.147103][T24222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1305.157153][T24222] Call Trace:
[ 1305.160446][T24222]  dump_stack_lvl+0x1e2/0x24b
[ 1305.165114][T24222]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1305.170564][T24222]  dump_stack+0x15/0x17
[ 1305.174714][T24222]  should_fail+0x3c0/0x510
14:32:34 executing program 0:
bpf$MAP_CREATE(0xc, &(0x7f00000001c0), 0x48)

[ 1305.179128][T24222]  ? blk_alloc_flush_queue+0x7a/0x250
[ 1305.184492][T24222]  __should_failslab+0x9f/0xe0
[ 1305.189242][T24222]  should_failslab+0x9/0x20
[ 1305.193732][T24222]  kmem_cache_alloc_trace+0x3a/0x330
[ 1305.199016][T24222]  blk_alloc_flush_queue+0x7a/0x250
[ 1305.204211][T24222]  blk_mq_realloc_hw_ctxs+0xa81/0x1840
[ 1305.209674][T24222]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1305.215571][T24222]  ? blk_set_default_limits+0x17b/0x410
[ 1305.221106][T24222]  ? blk_alloc_queue+0x574/0x640
[ 1305.226020][T24222]  blk_mq_init_queue+0x6c/0xc0
[ 1305.230756][T24222]  loop_add+0x270/0x760
[ 1305.234884][T24222]  loop_control_ioctl+0x564/0x740
[ 1305.239882][T24222]  ? loop_remove+0xb0/0xb0
[ 1305.244268][T24222]  ? __fget_files+0x310/0x370
[ 1305.248916][T24222]  ? security_file_ioctl+0xb1/0xd0
[ 1305.253997][T24222]  ? loop_remove+0xb0/0xb0
[ 1305.258384][T24222]  __se_sys_ioctl+0x115/0x190
[ 1305.263030][T24222]  __x64_sys_ioctl+0x7b/0x90
[ 1305.267591][T24222]  do_syscall_64+0x34/0x70
[ 1305.271979][T24222]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1305.277841][T24222] RIP: 0033:0x7f77b238e0d9
[ 1305.282229][T24222] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1305.301805][T24222] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1305.310189][T24222] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1305.318133][T24222] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1305.326073][T24222] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1305.334017][T24222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1305.341961][T24222] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1305.361125][T24232] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[ 1305.372297][   T23] audit: type=1326 audit(1669991554.819:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24234 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1305.395854][   T23] audit: type=1326 audit(1669991554.819:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24234 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
[ 1305.419500][   T23] audit: type=1326 audit(1669991554.819:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24234 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
[ 1305.444089][   T23] audit: type=1326 audit(1669991554.819:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24234 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=293 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1305.467870][   T23] audit: type=1326 audit(1669991554.869:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24234 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:35 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00ff00", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async, rerun: 32)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async, rerun: 32)
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$SIOCGETSGCNT(r1, 0x89e1, &(0x7f00000001c0)={@multicast2, @local})

14:32:35 executing program 0:
bpf$MAP_CREATE(0xd, &(0x7f00000001c0), 0x48)

14:32:35 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 31)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1305.612890][T24243] FAULT_INJECTION: forcing a failure.
[ 1305.612890][T24243] name failslab, interval 1, probability 0, space 0, times 0
[ 1305.625711][T24243] CPU: 1 PID: 24243 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1305.636020][T24243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1305.646142][T24243] Call Trace:
[ 1305.649411][T24243]  dump_stack_lvl+0x1e2/0x24b
[ 1305.654069][T24243]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1305.659508][T24243]  dump_stack+0x15/0x17
[ 1305.663648][T24243]  should_fail+0x3c0/0x510
[ 1305.668045][T24243]  ? blk_alloc_flush_queue+0xe0/0x250
[ 1305.673389][T24243]  __should_failslab+0x9f/0xe0
[ 1305.678127][T24243]  should_failslab+0x9/0x20
[ 1305.682602][T24243]  __kmalloc+0x60/0x360
[ 1305.686726][T24243]  ? kmem_cache_alloc_trace+0x1dd/0x330
[ 1305.692240][T24243]  ? blk_alloc_flush_queue+0x7a/0x250
[ 1305.697673][T24243]  blk_alloc_flush_queue+0xe0/0x250
[ 1305.702843][T24243]  blk_mq_realloc_hw_ctxs+0xa81/0x1840
[ 1305.708271][T24243]  blk_mq_init_allocated_queue+0x41a/0x1a30
[ 1305.714134][T24243]  ? blk_set_default_limits+0x17b/0x410
[ 1305.719648][T24243]  ? blk_alloc_queue+0x574/0x640
[ 1305.724556][T24243]  blk_mq_init_queue+0x6c/0xc0
[ 1305.729289][T24243]  loop_add+0x270/0x760
[ 1305.733413][T24243]  loop_control_ioctl+0x564/0x740
[ 1305.738410][T24243]  ? loop_remove+0xb0/0xb0
[ 1305.742809][T24243]  ? __fget_files+0x310/0x370
[ 1305.747456][T24243]  ? security_file_ioctl+0xb1/0xd0
[ 1305.752550][T24243]  ? loop_remove+0xb0/0xb0
[ 1305.756948][T24243]  __se_sys_ioctl+0x115/0x190
[ 1305.761599][T24243]  __x64_sys_ioctl+0x7b/0x90
[ 1305.766162][T24243]  do_syscall_64+0x34/0x70
[ 1305.770553][T24243]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1305.776414][T24243] RIP: 0033:0x7f77b238e0d9
[ 1305.780802][T24243] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1305.800379][T24243] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1305.808859][T24243] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1305.816809][T24243] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1305.824759][T24243] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1305.832705][T24243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1305.840734][T24243] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:35 executing program 2:
timer_getoverrun(0x0) (async, rerun: 64)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async, rerun: 64)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x39, 0x4, @thr={&(0x7f00000000c0)="8bc397ccf601792968cfdbb4b5126a2054989ebc20b22f4434a4f5bb0978edd3e43219706ec82fc22f3de9ebac825034335e6a7e8b56d2d6a54dc2f0a675e70536dba08f2237ceb8b13ca7b43cdd1ae8df11d43ace1cb6f12f0534184354fd47678734c64ecc1e9cf5370d3a4080b936f39983208096c8780d2cabb1fb829428c41110a0", &(0x7f0000000180)="b08d3fcae11e9df9f354ba6f7171ee1a4f87e90bca34b578f2ccaa55e375dc0e8b6b06525429d5545e1017451cdc4f478a70a53238b9f097e6b6e8a9119debb5fbb49c9995c3db8d96"}}, &(0x7f0000000200)=<r0=>0x0)
timer_getoverrun(r0)

14:32:35 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2300, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:35 executing program 1:
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:35 executing program 0:
bpf$MAP_CREATE(0xe, &(0x7f00000001c0), 0x48)

14:32:35 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 32)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:35 executing program 0:
bpf$MAP_CREATE(0xf, &(0x7f00000001c0), 0x48)

14:32:35 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:35 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1305.939306][T24256] FAULT_INJECTION: forcing a failure.
[ 1305.939306][T24256] name failslab, interval 1, probability 0, space 0, times 0
[ 1305.953281][T24256] CPU: 1 PID: 24256 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1305.963610][T24256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1305.973640][T24256] Call Trace:
[ 1305.976906][T24256]  dump_stack_lvl+0x1e2/0x24b
[ 1305.981557][T24256]  ? panic+0x7d7/0x7d7
[ 1305.985599][T24256]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1305.991033][T24256]  dump_stack+0x15/0x17
[ 1305.995163][T24256]  should_fail+0x3c0/0x510
[ 1305.999552][T24256]  ? __alloc_disk_node+0x75/0x330
[ 1306.004546][T24256]  __should_failslab+0x9f/0xe0
[ 1306.009281][T24256]  should_failslab+0x9/0x20
[ 1306.013754][T24256]  kmem_cache_alloc_trace+0x3a/0x330
[ 1306.019014][T24256]  __alloc_disk_node+0x75/0x330
[ 1306.023839][T24256]  loop_add+0x341/0x760
[ 1306.027965][T24256]  loop_control_ioctl+0x564/0x740
[ 1306.032984][T24256]  ? loop_remove+0xb0/0xb0
[ 1306.037373][T24256]  ? __fget_files+0x310/0x370
[ 1306.042029][T24256]  ? security_file_ioctl+0xb1/0xd0
[ 1306.047116][T24256]  ? loop_remove+0xb0/0xb0
[ 1306.051540][T24256]  __se_sys_ioctl+0x115/0x190
[ 1306.056190][T24256]  __x64_sys_ioctl+0x7b/0x90
[ 1306.060760][T24256]  do_syscall_64+0x34/0x70
[ 1306.065160][T24256]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1306.071022][T24256] RIP: 0033:0x7f77b238e0d9
[ 1306.075409][T24256] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1306.094995][T24256] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1306.103382][T24256] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1306.111328][T24256] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1306.119276][T24256] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1306.127225][T24256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
14:32:35 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 33)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1306.135170][T24256] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1306.170491][T24271] FAULT_INJECTION: forcing a failure.
[ 1306.170491][T24271] name failslab, interval 1, probability 0, space 0, times 0
[ 1306.183239][T24271] CPU: 0 PID: 24271 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1306.193640][T24271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1306.203688][T24271] Call Trace:
[ 1306.206992][T24271]  dump_stack_lvl+0x1e2/0x24b
[ 1306.211670][T24271]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1306.217125][T24271]  ? pcpu_memcg_post_alloc_hook+0x1c8/0x340
[ 1306.223015][T24271]  dump_stack+0x15/0x17
[ 1306.227166][T24271]  should_fail+0x3c0/0x510
[ 1306.231583][T24271]  ? disk_expand_part_tbl+0x1b9/0x3f0
[ 1306.236951][T24271]  __should_failslab+0x9f/0xe0
[ 1306.241711][T24271]  should_failslab+0x9/0x20
[ 1306.246205][T24271]  __kmalloc+0x60/0x360
[ 1306.250371][T24271]  disk_expand_part_tbl+0x1b9/0x3f0
[ 1306.255562][T24271]  __alloc_disk_node+0x112/0x330
[ 1306.260490][T24271]  loop_add+0x341/0x760
[ 1306.264641][T24271]  loop_control_ioctl+0x564/0x740
[ 1306.269657][T24271]  ? loop_remove+0xb0/0xb0
[ 1306.274065][T24271]  ? __fget_files+0x310/0x370
[ 1306.278741][T24271]  ? security_file_ioctl+0xb1/0xd0
[ 1306.283849][T24271]  ? loop_remove+0xb0/0xb0
[ 1306.288260][T24271]  __se_sys_ioctl+0x115/0x190
[ 1306.292929][T24271]  __x64_sys_ioctl+0x7b/0x90
[ 1306.297513][T24271]  do_syscall_64+0x34/0x70
[ 1306.301924][T24271]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1306.307809][T24271] RIP: 0033:0x7f77b238e0d9
[ 1306.312220][T24271] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1306.331818][T24271] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1306.340229][T24271] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1306.348195][T24271] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1306.356169][T24271] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1306.364143][T24271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1306.372109][T24271] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x16, 0x0, 0x0, 0x4}, {0x6, 0x1f, 0x40, 0x87ff}, {0x1, 0x6, 0x1, 0x15}, {0x3, 0xf0, 0xb7, 0x9}]})
r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0)

14:32:38 executing program 0:
bpf$MAP_CREATE(0x10, &(0x7f00000001c0), 0x48)

14:32:38 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x3000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:38 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 34)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:38 executing program 1:
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:38 executing program 2:
timer_getoverrun(0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x39, 0x4, @thr={&(0x7f00000000c0)="8bc397ccf601792968cfdbb4b5126a2054989ebc20b22f4434a4f5bb0978edd3e43219706ec82fc22f3de9ebac825034335e6a7e8b56d2d6a54dc2f0a675e70536dba08f2237ceb8b13ca7b43cdd1ae8df11d43ace1cb6f12f0534184354fd47678734c64ecc1e9cf5370d3a4080b936f39983208096c8780d2cabb1fb829428c41110a0", &(0x7f0000000180)="b08d3fcae11e9df9f354ba6f7171ee1a4f87e90bca34b578f2ccaa55e375dc0e8b6b06525429d5545e1017451cdc4f478a70a53238b9f097e6b6e8a9119debb5fbb49c9995c3db8d96"}}, &(0x7f0000000200)=<r0=>0x0)
timer_getoverrun(r0)

14:32:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x16, 0x0, 0x0, 0x4}, {0x6, 0x1f, 0x40, 0x87ff}, {0x1, 0x6, 0x1, 0x15}, {0x3, 0xf0, 0xb7, 0x9}]})
r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x16, 0x0, 0x0, 0x4}, {0x6, 0x1f, 0x40, 0x87ff}, {0x1, 0x6, 0x1, 0x15}, {0x3, 0xf0, 0xb7, 0x9}]}) (async)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc) (async)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0) (async)

14:32:38 executing program 0:
bpf$MAP_CREATE(0x11, &(0x7f00000001c0), 0x48)

14:32:38 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))

14:32:38 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x4000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1308.902688][T24287] FAULT_INJECTION: forcing a failure.
[ 1308.902688][T24287] name failslab, interval 1, probability 0, space 0, times 0
[ 1308.923992][T24287] CPU: 1 PID: 24287 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1308.934329][T24287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1308.944381][T24287] Call Trace:
[ 1308.947675][T24287]  dump_stack_lvl+0x1e2/0x24b
[ 1308.952351][T24287]  ? panic+0x7d7/0x7d7
[ 1308.956413][T24287]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1308.961867][T24287]  ? find_next_bit+0xd6/0x120
[ 1308.966537][T24287]  ? cpumask_next+0x11/0x30
[ 1308.971084][T24287]  dump_stack+0x15/0x17
[ 1308.975321][T24287]  should_fail+0x3c0/0x510
[ 1308.979731][T24287]  ? percpu_ref_init+0xd0/0x340
[ 1308.984566][T24287]  __should_failslab+0x9f/0xe0
[ 1308.989316][T24287]  should_failslab+0x9/0x20
[ 1308.993790][T24287]  kmem_cache_alloc_trace+0x3a/0x330
[ 1308.999048][T24287]  percpu_ref_init+0xd0/0x340
[ 1309.003702][T24287]  ? hd_ref_init+0x50/0x50
[ 1309.008089][T24287]  hd_ref_init+0x27/0x50
[ 1309.012301][T24287]  __alloc_disk_node+0x1be/0x330
[ 1309.017215][T24287]  loop_add+0x341/0x760
[ 1309.021351][T24287]  loop_control_ioctl+0x564/0x740
[ 1309.026353][T24287]  ? loop_remove+0xb0/0xb0
[ 1309.030744][T24287]  ? __fget_files+0x310/0x370
[ 1309.035404][T24287]  ? security_file_ioctl+0xb1/0xd0
[ 1309.040491][T24287]  ? loop_remove+0xb0/0xb0
[ 1309.044882][T24287]  __se_sys_ioctl+0x115/0x190
[ 1309.049535][T24287]  __x64_sys_ioctl+0x7b/0x90
[ 1309.054098][T24287]  do_syscall_64+0x34/0x70
[ 1309.058492][T24287]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1309.064361][T24287] RIP: 0033:0x7f77b238e0d9
[ 1309.068756][T24287] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1309.088337][T24287] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x16, 0x0, 0x0, 0x4}, {0x6, 0x1f, 0x40, 0x87ff}, {0x1, 0x6, 0x1, 0x15}, {0x3, 0xf0, 0xb7, 0x9}]}) (async)
r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0)

14:32:38 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 35)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:38 executing program 0:
bpf$MAP_CREATE(0x12, &(0x7f00000001c0), 0x48)

14:32:38 executing program 0:
bpf$MAP_CREATE(0x13, &(0x7f00000001c0), 0x48)

14:32:38 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

14:32:38 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x5000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1309.096727][T24287] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1309.104847][T24287] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1309.112792][T24287] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1309.120740][T24287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1309.128687][T24287] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1309.178934][T24303] FAULT_INJECTION: forcing a failure.
[ 1309.178934][T24303] name failslab, interval 1, probability 0, space 0, times 0
[ 1309.201159][T24303] CPU: 1 PID: 24303 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1309.211498][T24303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1309.221634][T24303] Call Trace:
[ 1309.224929][T24303]  dump_stack_lvl+0x1e2/0x24b
[ 1309.229603][T24303]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1309.235062][T24303]  dump_stack+0x15/0x17
[ 1309.239214][T24303]  should_fail+0x3c0/0x510
[ 1309.243626][T24303]  ? rand_initialize_disk+0x4f/0xa8
[ 1309.248833][T24303]  __should_failslab+0x9f/0xe0
[ 1309.253602][T24303]  should_failslab+0x9/0x20
[ 1309.258108][T24303]  kmem_cache_alloc_trace+0x3a/0x330
[ 1309.263388][T24303]  ? __kasan_check_write+0x14/0x20
[ 1309.268510][T24303]  ? percpu_ref_init+0x237/0x340
[ 1309.273445][T24303]  ? hd_ref_init+0x50/0x50
[ 1309.277857][T24303]  rand_initialize_disk+0x4f/0xa8
[ 1309.282939][T24303]  __alloc_disk_node+0x29a/0x330
[ 1309.287879][T24303]  loop_add+0x341/0x760
[ 1309.292041][T24303]  loop_control_ioctl+0x564/0x740
[ 1309.297064][T24303]  ? loop_remove+0xb0/0xb0
[ 1309.301482][T24303]  ? __fget_files+0x310/0x370
[ 1309.306160][T24303]  ? security_file_ioctl+0xb1/0xd0
[ 1309.311267][T24303]  ? loop_remove+0xb0/0xb0
[ 1309.315678][T24303]  __se_sys_ioctl+0x115/0x190
[ 1309.320348][T24303]  __x64_sys_ioctl+0x7b/0x90
[ 1309.324937][T24303]  do_syscall_64+0x34/0x70
[ 1309.329353][T24303]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1309.335239][T24303] RIP: 0033:0x7f77b238e0d9
[ 1309.339655][T24303] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1309.359254][T24303] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1309.367670][T24303] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:38 executing program 0:
bpf$MAP_CREATE(0x14, &(0x7f00000001c0), 0x48)

14:32:38 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x6000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:38 executing program 1:
ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:38 executing program 0:
bpf$MAP_CREATE(0x15, &(0x7f00000001c0), 0x48)

[ 1309.375643][T24303] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1309.383616][T24303] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1309.391598][T24303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1309.399570][T24303] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1309.554916][   T23] kauditd_printk_skb: 13 callbacks suppressed
[ 1309.554926][   T23] audit: type=1326 audit(1669991558.999:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f0223adbe01 code=0x0
14:32:39 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (async)

14:32:39 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x7000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:39 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 36)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:39 executing program 0:
bpf$MAP_CREATE(0x16, &(0x7f00000001c0), 0x48)

14:32:39 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

14:32:39 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, &(0x7f00000000c0)=0x1, 0x4)

[ 1309.988409][T24326] FAULT_INJECTION: forcing a failure.
[ 1309.988409][T24326] name failslab, interval 1, probability 0, space 0, times 0
[ 1310.007026][T24326] CPU: 1 PID: 24326 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1310.017371][T24326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1310.027492][T24326] Call Trace:
[ 1310.030765][T24326]  dump_stack_lvl+0x1e2/0x24b
[ 1310.035418][T24326]  ? panic+0x7d7/0x7d7
[ 1310.039463][T24326]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1310.044901][T24326]  ? memset+0x35/0x40
[ 1310.048861][T24326]  dump_stack+0x15/0x17
[ 1310.052992][T24326]  should_fail+0x3c0/0x510
[ 1310.057384][T24326]  ? device_create+0x11d/0x2e0
[ 1310.062121][T24326]  __should_failslab+0x9f/0xe0
[ 1310.066861][T24326]  should_failslab+0x9/0x20
[ 1310.071428][T24326]  kmem_cache_alloc_trace+0x3a/0x330
[ 1310.076688][T24326]  ? vsnprintf+0x1fa/0x1cd0
[ 1310.081169][T24326]  device_create+0x11d/0x2e0
[ 1310.085736][T24326]  ? root_device_unregister+0x80/0x80
[ 1310.091082][T24326]  ? number+0xd9b/0x1040
[ 1310.095321][T24326]  bdi_register_va+0x94/0x600
[ 1310.099974][T24326]  bdi_register+0xd1/0x120
[ 1310.104367][T24326]  ? __device_add_disk+0x536/0x11d0
[ 1310.109540][T24326]  ? bdi_register_va+0x600/0x600
[ 1310.114456][T24326]  ? vsnprintf+0x1bfd/0x1cd0
[ 1310.119025][T24326]  ? __kasan_check_read+0x11/0x20
[ 1310.124026][T24326]  ? blk_alloc_devt+0xd4/0x320
[ 1310.128767][T24326]  __device_add_disk+0x5cb/0x11d0
[ 1310.133771][T24326]  ? device_add_disk+0x40/0x40
[ 1310.138512][T24326]  ? loop_add+0x380/0x760
[ 1310.142820][T24326]  ? vsprintf+0x40/0x40
[ 1310.146956][T24326]  device_add_disk+0x2a/0x40
[ 1310.151527][T24326]  loop_add+0x58f/0x760
[ 1310.155660][T24326]  loop_control_ioctl+0x564/0x740
[ 1310.160661][T24326]  ? loop_remove+0xb0/0xb0
[ 1310.165058][T24326]  ? __fget_files+0x310/0x370
[ 1310.169821][T24326]  ? security_file_ioctl+0xb1/0xd0
[ 1310.174906][T24326]  ? loop_remove+0xb0/0xb0
[ 1310.179312][T24326]  __se_sys_ioctl+0x115/0x190
[ 1310.183966][T24326]  __x64_sys_ioctl+0x7b/0x90
[ 1310.188535][T24326]  do_syscall_64+0x34/0x70
[ 1310.192939][T24326]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1310.198808][T24326] RIP: 0033:0x7f77b238e0d9
[ 1310.203202][T24326] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1310.222782][T24326] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1310.231351][T24326] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:39 executing program 0:
bpf$MAP_CREATE(0x17, &(0x7f00000001c0), 0x48)

14:32:39 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x8000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1310.239303][T24326] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1310.247254][T24326] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1310.255202][T24326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1310.263149][T24326] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:39 executing program 0:
bpf$MAP_CREATE(0x18, &(0x7f00000001c0), 0x48)

[ 1310.274960][   T23] audit: type=1326 audit(1669991559.719:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24322 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1310.282695][T24326] ------------[ cut here ]------------
[ 1310.304443][T24326] WARNING: CPU: 1 PID: 24326 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1310.313747][T24326] Modules linked in:
14:32:39 executing program 0:
bpf$MAP_CREATE(0x19, &(0x7f00000001c0), 0x48)

[ 1310.317710][   T23] audit: type=1326 audit(1669991559.759:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24323 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1310.341289][T24326] CPU: 1 PID: 24326 Comm: syz-executor.4 Not tainted 5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1310.352430][T24326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1310.362910][   T23] audit: type=1326 audit(1669991559.789:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24323 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
14:32:39 executing program 0:
bpf$MAP_CREATE(0x1a, &(0x7f00000001c0), 0x48)

14:32:39 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 32)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (rerun: 32)

[ 1310.387220][T24326] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1310.394849][T24326] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1310.415231][   T23] audit: type=1326 audit(1669991559.859:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24330 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:32:39 executing program 0:
bpf$MAP_CREATE(0x1b, &(0x7f00000001c0), 0x48)

14:32:39 executing program 0:
bpf$MAP_CREATE(0x1c, &(0x7f00000001c0), 0x48)

[ 1310.438996][T24326] RSP: 0018:ffffc900062afbc0 EFLAGS: 00010283
[ 1310.439240][   T23] audit: type=1326 audit(1669991559.859:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24330 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f0223a68f8b code=0x0
[ 1310.448987][T24326] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1310.477026][T24326] RDX: ffffc90001b10000 RSI: 0000000000025b0c RDI: 0000000000025b0d
[ 1310.485213][T24326] RBP: ffffc900062afd08 R08: ffffffff82410506 R09: fffffbfff0c8595f
[ 1310.493369][T24326] R10: fffffbfff0c8595f R11: 1ffffffff0c8595e R12: 0000000000000007
[ 1310.501500][T24326] R13: ffff88812b8ac000 R14: ffff88810a615338 R15: ffff88810a615000
[ 1310.509512][T24326] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1310.518453][T24326] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1310.525164][T24326] CR2: 00007ffda4914428 CR3: 000000012aeca000 CR4: 00000000003506b0
[ 1310.533162][T24326] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1310.541144][T24326] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1310.549115][T24326] Call Trace:
[ 1310.552395][T24326]  ? device_add_disk+0x40/0x40
[ 1310.557178][T24326]  ? loop_add+0x380/0x760
[ 1310.561502][T24326]  ? vsprintf+0x40/0x40
[ 1310.565668][T24326]  device_add_disk+0x2a/0x40
[ 1310.570250][T24326]  loop_add+0x58f/0x760
[ 1310.574388][T24326]  loop_control_ioctl+0x564/0x740
[ 1310.579436][T24326]  ? loop_remove+0xb0/0xb0
[ 1310.583848][T24326]  ? __fget_files+0x310/0x370
[ 1310.588530][T24326]  ? security_file_ioctl+0xb1/0xd0
[ 1310.593634][T24326]  ? loop_remove+0xb0/0xb0
[ 1310.598119][T24326]  __se_sys_ioctl+0x115/0x190
[ 1310.602814][T24326]  __x64_sys_ioctl+0x7b/0x90
[ 1310.607414][T24326]  do_syscall_64+0x34/0x70
[ 1310.611829][T24326]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1310.617736][T24326] RIP: 0033:0x7f77b238e0d9
[ 1310.622134][T24326] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1310.641757][T24326] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1310.650215][T24326] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1310.658206][T24326] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1310.666195][T24326] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1310.674155][T24326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1310.682149][T24326] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:40 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 37)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:40 executing program 0:
bpf$MAP_CREATE(0x1d, &(0x7f00000001c0), 0x48)

[ 1310.690136][T24326] ---[ end trace 36e3028cd67c66ce ]---
[ 1310.705183][   T23] audit: type=1326 audit(1669991560.149:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1310.748003][T24365] FAULT_INJECTION: forcing a failure.
[ 1310.748003][T24365] name failslab, interval 1, probability 0, space 0, times 0
[ 1310.760684][T24365] CPU: 1 PID: 24365 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1310.772368][T24365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1310.782396][T24365] Call Trace:
[ 1310.785660][T24365]  dump_stack_lvl+0x1e2/0x24b
[ 1310.790310][T24365]  ? panic+0x7d7/0x7d7
[ 1310.794351][T24365]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1310.800394][T24365]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1310.805830][T24365]  dump_stack+0x15/0x17
[ 1310.809960][T24365]  should_fail+0x3c0/0x510
[ 1310.814351][T24365]  ? kvasprintf_const+0x139/0x180
[ 1310.819346][T24365]  __should_failslab+0x9f/0xe0
[ 1310.824080][T24365]  should_failslab+0x9/0x20
[ 1310.828553][T24365]  __kmalloc_track_caller+0x5f/0x350
[ 1310.833809][T24365]  ? __hrtimer_init+0x17b/0x260
[ 1310.838642][T24365]  kstrdup_const+0x55/0x90
[ 1310.843052][T24365]  kvasprintf_const+0x139/0x180
[ 1310.847883][T24365]  kobject_set_name_vargs+0x61/0x120
[ 1310.853143][T24365]  device_create+0x222/0x2e0
[ 1310.857705][T24365]  ? root_device_unregister+0x80/0x80
[ 1310.863049][T24365]  ? number+0xd9b/0x1040
[ 1310.867271][T24365]  bdi_register_va+0x94/0x600
[ 1310.871916][T24365]  bdi_register+0xd1/0x120
[ 1310.876305][T24365]  ? __device_add_disk+0x536/0x11d0
[ 1310.881471][T24365]  ? bdi_register_va+0x600/0x600
[ 1310.886432][T24365]  ? vsnprintf+0x1bfd/0x1cd0
[ 1310.891000][T24365]  ? __kasan_check_read+0x11/0x20
[ 1310.896092][T24365]  ? blk_alloc_devt+0xd4/0x320
[ 1310.900875][T24365]  __device_add_disk+0x5cb/0x11d0
[ 1310.905895][T24365]  ? device_add_disk+0x40/0x40
[ 1310.910633][T24365]  ? loop_add+0x380/0x760
[ 1310.914937][T24365]  ? vsprintf+0x40/0x40
[ 1310.919073][T24365]  device_add_disk+0x2a/0x40
[ 1310.923638][T24365]  loop_add+0x58f/0x760
[ 1310.927767][T24365]  loop_control_ioctl+0x564/0x740
[ 1310.932767][T24365]  ? loop_remove+0xb0/0xb0
[ 1310.937158][T24365]  ? __fget_files+0x310/0x370
[ 1310.941805][T24365]  ? security_file_ioctl+0xb1/0xd0
[ 1310.946894][T24365]  ? loop_remove+0xb0/0xb0
[ 1310.951282][T24365]  __se_sys_ioctl+0x115/0x190
[ 1310.955934][T24365]  __x64_sys_ioctl+0x7b/0x90
[ 1310.960497][T24365]  do_syscall_64+0x34/0x70
[ 1310.964889][T24365]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1310.970754][T24365] RIP: 0033:0x7f77b238e0d9
[ 1310.975160][T24365] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1310.994747][T24365] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1311.003144][T24365] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1311.011087][T24365] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1311.019033][T24365] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1311.026979][T24365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1311.034926][T24365] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1311.043176][T24365] ------------[ cut here ]------------
[ 1311.048792][T24365] WARNING: CPU: 0 PID: 24365 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1311.058214][T24365] Modules linked in:
[ 1311.062099][T24365] CPU: 0 PID: 24365 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1311.074242][T24365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1311.084417][T24365] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1311.090248][T24365] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1311.109912][T24365] RSP: 0018:ffffc9000632fbc0 EFLAGS: 00010287
[ 1311.116007][T24365] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1311.123961][T24365] RDX: ffffc90001b10000 RSI: 000000000002b4f4 RDI: 000000000002b4f5
[ 1311.131958][T24365] RBP: ffffc9000632fd08 R08: ffffffff82410506 R09: 0000000000000003
[ 1311.139942][T24365] R10: fffff52000c65e85 R11: 1ffff92000c65e84 R12: 0000000000000007
[ 1311.147920][T24365] R13: ffff88812c379000 R14: ffff8881073f7338 R15: ffff8881073f7000
[ 1311.155896][T24365] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1311.164802][T24365] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1311.171397][T24365] CR2: 00007f30e4e7d058 CR3: 000000010d67e000 CR4: 00000000003506b0
[ 1311.179377][T24365] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1311.187368][T24365] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1311.195329][T24365] Call Trace:
[ 1311.198628][T24365]  ? device_add_disk+0x40/0x40
[ 1311.203453][T24365]  ? loop_add+0x380/0x760
[ 1311.207827][T24365]  ? vsprintf+0x40/0x40
[ 1311.211974][T24365]  device_add_disk+0x2a/0x40
[ 1311.216602][T24365]  loop_add+0x58f/0x760
[ 1311.220742][T24365]  loop_control_ioctl+0x564/0x740
[ 1311.225767][T24365]  ? loop_remove+0xb0/0xb0
[ 1311.230177][T24365]  ? __fget_files+0x310/0x370
[ 1311.234828][T24365]  ? security_file_ioctl+0xb1/0xd0
[ 1311.239945][T24365]  ? loop_remove+0xb0/0xb0
[ 1311.244350][T24365]  __se_sys_ioctl+0x115/0x190
[ 1311.249038][T24365]  __x64_sys_ioctl+0x7b/0x90
[ 1311.253616][T24365]  do_syscall_64+0x34/0x70
[ 1311.258038][T24365]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1311.263917][T24365] RIP: 0033:0x7f77b238e0d9
[ 1311.268338][T24365] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1311.287968][T24365] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1311.296402][T24365] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1311.304364][T24365] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1311.312925][T24365] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1311.320964][T24365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1311.328938][T24365] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1311.336920][T24365] ---[ end trace 36e3028cd67c66cf ]---
[ 1311.376895][T25449] udevd[25449]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:42 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

14:32:42 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, &(0x7f00000000c0)=0x1, 0x4)

14:32:42 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x9000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:42 executing program 0:
bpf$MAP_CREATE(0x1e, &(0x7f00000001c0), 0x48)

14:32:42 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 38)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:42 executing program 2:
r0 = socket(0x2b, 0x2, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r2, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0xe}}}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4acfc5cfa1"}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000000c0))

[ 1312.991997][   T23] audit: type=1326 audit(1669991562.439:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24368 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:42 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xa000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:42 executing program 0:
bpf$MAP_CREATE(0x21, &(0x7f00000001c0), 0x48)

[ 1313.038302][T24376] FAULT_INJECTION: forcing a failure.
[ 1313.038302][T24376] name failslab, interval 1, probability 0, space 0, times 0
[ 1313.046675][   T23] audit: type=1326 audit(1669991562.439:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24368 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1313.070571][T24376] CPU: 1 PID: 24376 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1313.086364][T24376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1313.086685][   T23] audit: type=1326 audit(1669991562.439:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24368 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1313.096404][T24376] Call Trace:
[ 1313.096421][T24376]  dump_stack_lvl+0x1e2/0x24b
[ 1313.096432][T24376]  ? panic+0x7d7/0x7d7
[ 1313.096450][T24376]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1313.137260][T24376]  dump_stack+0x15/0x17
[ 1313.141394][T24376]  should_fail+0x3c0/0x510
[ 1313.145785][T24376]  ? device_add+0xbe/0xbd0
[ 1313.150181][T24376]  __should_failslab+0x9f/0xe0
[ 1313.154919][T24376]  should_failslab+0x9/0x20
[ 1313.159396][T24376]  kmem_cache_alloc_trace+0x3a/0x330
[ 1313.164656][T24376]  ? __kasan_check_write+0x14/0x20
[ 1313.169740][T24376]  device_add+0xbe/0xbd0
[ 1313.173957][T24376]  ? kfree_const+0x39/0x40
[ 1313.178349][T24376]  ? kobject_set_name_vargs+0xce/0x120
[ 1313.183781][T24376]  device_create+0x258/0x2e0
[ 1313.188351][T24376]  ? root_device_unregister+0x80/0x80
[ 1313.193696][T24376]  ? number+0xd9b/0x1040
[ 1313.197915][T24376]  bdi_register_va+0x94/0x600
[ 1313.202563][T24376]  bdi_register+0xd1/0x120
[ 1313.206967][T24376]  ? __device_add_disk+0x536/0x11d0
[ 1313.212139][T24376]  ? bdi_register_va+0x600/0x600
[ 1313.217051][T24376]  ? vsnprintf+0x1bfd/0x1cd0
[ 1313.221636][T24376]  ? __kasan_check_read+0x11/0x20
[ 1313.226895][T24376]  ? blk_alloc_devt+0xd4/0x320
[ 1313.231642][T24376]  __device_add_disk+0x5cb/0x11d0
[ 1313.236667][T24376]  ? device_add_disk+0x40/0x40
[ 1313.241403][T24376]  ? loop_add+0x380/0x760
[ 1313.245706][T24376]  ? vsprintf+0x40/0x40
[ 1313.249837][T24376]  device_add_disk+0x2a/0x40
[ 1313.254407][T24376]  loop_add+0x58f/0x760
[ 1313.258538][T24376]  loop_control_ioctl+0x564/0x740
[ 1313.263534][T24376]  ? loop_remove+0xb0/0xb0
[ 1313.267925][T24376]  ? __fget_files+0x310/0x370
[ 1313.272577][T24376]  ? security_file_ioctl+0xb1/0xd0
[ 1313.277662][T24376]  ? loop_remove+0xb0/0xb0
[ 1313.282053][T24376]  __se_sys_ioctl+0x115/0x190
[ 1313.286705][T24376]  __x64_sys_ioctl+0x7b/0x90
[ 1313.291275][T24376]  do_syscall_64+0x34/0x70
[ 1313.295667][T24376]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1313.301531][T24376] RIP: 0033:0x7f77b238e0d9
[ 1313.305921][T24376] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1313.325497][T24376] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:42 executing program 0:
bpf$MAP_CREATE(0x22, &(0x7f00000001c0), 0x48)

[ 1313.333885][T24376] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1313.341840][T24376] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1313.349793][T24376] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1313.357829][T24376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1313.365787][T24376] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1313.382873][T24376] ------------[ cut here ]------------
14:32:42 executing program 0:
bpf$MAP_CREATE(0x23, &(0x7f00000001c0), 0x48)

14:32:42 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:42 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x2000}, 0x48)

[ 1313.390184][T24376] WARNING: CPU: 1 PID: 24376 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1313.403338][T24376] Modules linked in:
[ 1313.407359][T24376] CPU: 1 PID: 24376 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1313.419221][T24376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1313.429491][T24376] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1313.435731][T24376] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1313.455892][T24376] RSP: 0018:ffffc900062cfbc0 EFLAGS: 00010246
[ 1313.462130][T24376] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1313.470213][T24376] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1313.478287][T24376] RBP: ffffc900062cfd08 R08: ffffffff82410506 R09: 0000000000000003
[ 1313.486357][T24376] R10: fffff52000c59e8d R11: 1ffff92000c59e8c R12: 0000000000000007
[ 1313.494400][T24376] R13: ffff88812a7ee000 R14: ffff888111e79338 R15: ffff888111e79000
[ 1313.502586][T24376] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1313.511641][T24376] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1313.518324][T24376] CR2: 00007f77b10bf718 CR3: 000000010aeac000 CR4: 00000000003506a0
[ 1313.526370][T24376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1313.534410][T24376] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1313.542476][T24376] Call Trace:
[ 1313.545867][T24376]  ? device_add_disk+0x40/0x40
[ 1313.550697][T24376]  ? loop_add+0x380/0x760
[ 1313.555247][T24376]  ? vsprintf+0x40/0x40
[ 1313.560036][T24376]  device_add_disk+0x2a/0x40
[ 1313.565058][T24376]  loop_add+0x58f/0x760
[ 1313.569472][T24376]  loop_control_ioctl+0x564/0x740
[ 1313.579939][T24376]  ? loop_remove+0xb0/0xb0
[ 1313.584557][T24376]  ? __fget_files+0x310/0x370
14:32:43 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x8, &(0x7f0000000040)=[{0x1fc, 0x0, 0x0, 0x96}, {0x1, 0x0, 0x0, 0x7}, {0xfffd, 0x87, 0xff, 0x8}, {0x3, 0x5, 0x46, 0x1}, {0x7, 0x17, 0x1f, 0x1}, {0x805, 0x3, 0x5c, 0x2}, {0x4, 0x4a, 0x0, 0x4}, {0x7ff, 0x80, 0xff, 0x7}]})
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000000c0)={0xffffffff, 0x70, "0b5038d083a4a59f1df012bd5eaf2f82053aed5209fa6fcf4507737067510297b1e042d2cb8d82da5f036fa45aaf03fd256c25b4d9f0ea33db0ce2793e7fa4d4eebab2ac744bd3916d3b1e5cc6b669f04cb6d204a8b0bb5c354ec572a1e2b08e701c620fc8ffbfe05d8a868aa40adcb3"})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000180)=""/99, &(0x7f0000000200)=0x63)

[ 1313.589363][T24376]  ? security_file_ioctl+0xb1/0xd0
[ 1313.594537][T24376]  ? loop_remove+0xb0/0xb0
[ 1313.599035][T24376]  __se_sys_ioctl+0x115/0x190
[ 1313.604050][T24376]  __x64_sys_ioctl+0x7b/0x90
[ 1313.608834][T24376]  do_syscall_64+0x34/0x70
[ 1313.613301][T24376]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1313.619313][T24376] RIP: 0033:0x7f77b238e0d9
[ 1313.623943][T24376] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1313.643664][T24376] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1313.652194][T24376] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1313.660279][T24376] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1313.668451][T24376] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1313.676490][T24376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1313.684512][T24376] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1313.692557][T24376] ---[ end trace 36e3028cd67c66d0 ]---
[ 1313.740028][T25449] udevd[25449]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:46 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
setsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, &(0x7f00000000c0)=0x1, 0x4)

14:32:46 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x20000000}, 0x48)

14:32:46 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xb000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:46 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 39)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:46 executing program 2:
r0 = socket(0x2b, 0x2, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r2, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0xe}}}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4acfc5cfa1"}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000000c0))
socket(0x2b, 0x2, 0x2) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r2, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0xe}}}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4acfc5cfa1"}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000000c0)) (async)

14:32:46 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async, rerun: 32)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x8, &(0x7f0000000040)=[{0x1fc, 0x0, 0x0, 0x96}, {0x1, 0x0, 0x0, 0x7}, {0xfffd, 0x87, 0xff, 0x8}, {0x3, 0x5, 0x46, 0x1}, {0x7, 0x17, 0x1f, 0x1}, {0x805, 0x3, 0x5c, 0x2}, {0x4, 0x4a, 0x0, 0x4}, {0x7ff, 0x80, 0xff, 0x7}]}) (async, rerun: 32)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000000c0)={0xffffffff, 0x70, "0b5038d083a4a59f1df012bd5eaf2f82053aed5209fa6fcf4507737067510297b1e042d2cb8d82da5f036fa45aaf03fd256c25b4d9f0ea33db0ce2793e7fa4d4eebab2ac744bd3916d3b1e5cc6b669f04cb6d204a8b0bb5c354ec572a1e2b08e701c620fc8ffbfe05d8a868aa40adcb3"}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000180)=""/99, &(0x7f0000000200)=0x63)

[ 1316.714819][T24410] FAULT_INJECTION: forcing a failure.
[ 1316.714819][T24410] name failslab, interval 1, probability 0, space 0, times 0
[ 1316.714929][   T23] kauditd_printk_skb: 5 callbacks suppressed
[ 1316.714940][   T23] audit: type=1326 audit(1669991566.159:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24401 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1316.728222][T24410] CPU: 1 PID: 24410 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1316.737603][   T23] audit: type=1326 audit(1669991566.179:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24401 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f57d0cefe01 code=0x0
[ 1316.756842][T24410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1316.756852][T24410] Call Trace:
[ 1316.756869][T24410]  dump_stack_lvl+0x1e2/0x24b
[ 1316.756880][T24410]  ? panic+0x7d7/0x7d7
[ 1316.756889][T24410]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1316.756898][T24410]  dump_stack+0x15/0x17
[ 1316.756907][T24410]  should_fail+0x3c0/0x510
[ 1316.756927][T24410]  ? device_add+0xbe/0xbd0
[ 1316.771118][   T23] audit: type=1326 audit(1669991566.179:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24401 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1316.792022][T24410]  __should_failslab+0x9f/0xe0
[ 1316.792033][T24410]  should_failslab+0x9/0x20
[ 1316.792042][T24410]  kmem_cache_alloc_trace+0x3a/0x330
[ 1316.792052][T24410]  ? __kasan_check_write+0x14/0x20
[ 1316.792071][T24410]  device_add+0xbe/0xbd0
[ 1316.879527][T24410]  ? kfree_const+0x39/0x40
[ 1316.883923][T24410]  ? kobject_set_name_vargs+0xce/0x120
[ 1316.889356][T24410]  device_create+0x258/0x2e0
[ 1316.893924][T24410]  ? root_device_unregister+0x80/0x80
[ 1316.899271][T24410]  ? number+0xd9b/0x1040
[ 1316.903487][T24410]  bdi_register_va+0x94/0x600
[ 1316.908138][T24410]  bdi_register+0xd1/0x120
[ 1316.912529][T24410]  ? __device_add_disk+0x536/0x11d0
[ 1316.917787][T24410]  ? bdi_register_va+0x600/0x600
[ 1316.922698][T24410]  ? vsnprintf+0x1bfd/0x1cd0
[ 1316.927265][T24410]  ? __kasan_check_read+0x11/0x20
[ 1316.932264][T24410]  ? blk_alloc_devt+0xd4/0x320
[ 1316.937001][T24410]  __device_add_disk+0x5cb/0x11d0
[ 1316.942003][T24410]  ? device_add_disk+0x40/0x40
[ 1316.946741][T24410]  ? loop_add+0x380/0x760
[ 1316.951045][T24410]  ? vsprintf+0x40/0x40
[ 1316.955176][T24410]  device_add_disk+0x2a/0x40
[ 1316.959739][T24410]  loop_add+0x58f/0x760
[ 1316.963884][T24410]  loop_control_ioctl+0x564/0x740
[ 1316.968880][T24410]  ? loop_remove+0xb0/0xb0
[ 1316.973278][T24410]  ? __fget_files+0x310/0x370
[ 1316.977931][T24410]  ? security_file_ioctl+0xb1/0xd0
[ 1316.983014][T24410]  ? loop_remove+0xb0/0xb0
[ 1316.987409][T24410]  __se_sys_ioctl+0x115/0x190
[ 1316.992061][T24410]  __x64_sys_ioctl+0x7b/0x90
[ 1316.996626][T24410]  do_syscall_64+0x34/0x70
[ 1317.001018][T24410]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1317.006884][T24410] RIP: 0033:0x7f77b238e0d9
[ 1317.011278][T24410] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1317.030865][T24410] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1317.039252][T24410] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1317.047198][T24410] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1317.055158][T24410] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
14:32:46 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:46 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xc000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:46 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x2000}, 0x48)

14:32:46 executing program 2:
r0 = socket(0x2b, 0x2, 0x2) (async, rerun: 32)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r2, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0xe}}}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "4acfc5cfa1"}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f00000000c0))

[ 1317.063110][T24410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1317.071058][T24410] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1317.092000][T24410] ------------[ cut here ]------------
[ 1317.103243][T24410] WARNING: CPU: 1 PID: 24410 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1317.112542][T24410] Modules linked in:
14:32:46 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x20000000}, 0x48)

14:32:46 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1317.116576][T24410] CPU: 0 PID: 24410 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1317.128612][T24410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1317.138936][T24410] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1317.144830][T24410] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1317.164982][T24410] RSP: 0018:ffffc9000635fbc0 EFLAGS: 00010246
[ 1317.171335][T24410] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1317.179321][T24410] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1317.187587][T24410] RBP: ffffc9000635fd08 R08: ffffffff82410506 R09: ffffc9000635f610
[ 1317.195581][T24410] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1317.203540][T24410] R13: ffff88810a7d2000 R14: ffff88810acb8338 R15: ffff88810acb8000
[ 1317.211525][T24410] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1317.220465][T24410] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1317.227057][T24410] CR2: 00007f30e4e7d058 CR3: 00000001100e2000 CR4: 00000000003506b0
[ 1317.235034][T24410] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1317.243027][T24410] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1317.251006][T24410] Call Trace:
[ 1317.254274][T24410]  ? device_add_disk+0x40/0x40
[ 1317.259040][T24410]  ? loop_add+0x380/0x760
[ 1317.263361][T24410]  ? vsprintf+0x40/0x40
[ 1317.267522][T24410]  device_add_disk+0x2a/0x40
[ 1317.272105][T24410]  loop_add+0x58f/0x760
[ 1317.276273][T24410]  loop_control_ioctl+0x564/0x740
[ 1317.281285][T24410]  ? loop_remove+0xb0/0xb0
[ 1317.285725][T24410]  ? __fget_files+0x310/0x370
[ 1317.290402][T24410]  ? security_file_ioctl+0xb1/0xd0
[ 1317.295527][T24410]  ? loop_remove+0xb0/0xb0
[ 1317.299932][T24410]  __se_sys_ioctl+0x115/0x190
[ 1317.304583][T24410]  __x64_sys_ioctl+0x7b/0x90
[ 1317.309179][T24410]  do_syscall_64+0x34/0x70
[ 1317.313585][T24410]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1317.319566][T24410] RIP: 0033:0x7f77b238e0d9
[ 1317.323972][T24410] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1317.343595][T24410] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1317.352220][T24410] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1317.360199][T24410] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1317.368171][T24410] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1317.376167][T24410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1317.384136][T24410] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1317.392129][T24410] ---[ end trace 36e3028cd67c66d1 ]---
[ 1317.404753][   T23] audit: type=1326 audit(1669991566.849:1868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24430 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1317.429357][   T23] audit: type=1326 audit(1669991566.879:1869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24430 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f0223a65bf6 code=0x0
[ 1317.454125][   T23] audit: type=1326 audit(1669991566.909:1870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24430 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1317.501829][   T23] audit: type=1326 audit(1669991566.949:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24436 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:47 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x14}]})

14:32:47 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x2000}, 0x48)

14:32:47 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xd000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:47 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 40)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:47 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x20000000}, 0x48)

[ 1317.664111][T24445] FAULT_INJECTION: forcing a failure.
[ 1317.664111][T24445] name failslab, interval 1, probability 0, space 0, times 0
[ 1317.681813][T24445] CPU: 1 PID: 24445 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1317.693626][T24445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1317.703744][T24445] Call Trace:
[ 1317.707007][T24445]  dump_stack_lvl+0x1e2/0x24b
[ 1317.711655][T24445]  ? panic+0x7d7/0x7d7
[ 1317.715711][T24445]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1317.721140][T24445]  dump_stack+0x15/0x17
[ 1317.725268][T24445]  should_fail+0x3c0/0x510
[ 1317.729653][T24445]  __should_failslab+0x9f/0xe0
[ 1317.734384][T24445]  should_failslab+0x9/0x20
[ 1317.738854][T24445]  kmem_cache_alloc+0x3f/0x300
[ 1317.743585][T24445]  ? __kernfs_new_node+0xdb/0x6e0
[ 1317.748581][T24445]  __kernfs_new_node+0xdb/0x6e0
[ 1317.753403][T24445]  ? stack_trace_save+0x12d/0x1f0
[ 1317.758391][T24445]  ? kernfs_new_node+0x170/0x170
[ 1317.763309][T24445]  ? stack_trace_snprint+0x100/0x100
[ 1317.768661][T24445]  ? stack_trace_save+0x12d/0x1f0
[ 1317.773654][T24445]  ? device_add+0xbe/0xbd0
[ 1317.778039][T24445]  kernfs_create_dir_ns+0x9b/0x230
[ 1317.783122][T24445]  sysfs_create_dir_ns+0x181/0x390
[ 1317.788203][T24445]  ? sysfs_warn_dup+0xa0/0xa0
[ 1317.792847][T24445]  kobject_add_internal+0x766/0xda0
[ 1317.798020][T24445]  kobject_add+0x14c/0x210
[ 1317.802415][T24445]  ? _raw_spin_lock+0xa3/0x1b0
[ 1317.807148][T24445]  ? kobject_init+0x1e0/0x1e0
[ 1317.811805][T24445]  ? mutex_unlock+0x29/0xf0
[ 1317.816285][T24445]  ? get_device_parent+0x2c5/0x430
[ 1317.821366][T24445]  device_add+0x3ca/0xbd0
[ 1317.825669][T24445]  device_create+0x258/0x2e0
[ 1317.830230][T24445]  ? root_device_unregister+0x80/0x80
[ 1317.835579][T24445]  ? number+0xd9b/0x1040
[ 1317.839788][T24445]  bdi_register_va+0x94/0x600
[ 1317.844442][T24445]  bdi_register+0xd1/0x120
[ 1317.848833][T24445]  ? __device_add_disk+0x536/0x11d0
[ 1317.853999][T24445]  ? bdi_register_va+0x600/0x600
[ 1317.858906][T24445]  ? vsnprintf+0x1bfd/0x1cd0
[ 1317.863468][T24445]  ? __kasan_check_read+0x11/0x20
[ 1317.868498][T24445]  ? blk_alloc_devt+0xd4/0x320
[ 1317.873230][T24445]  __device_add_disk+0x5cb/0x11d0
[ 1317.878235][T24445]  ? device_add_disk+0x40/0x40
[ 1317.882981][T24445]  ? loop_add+0x380/0x760
[ 1317.887277][T24445]  ? vsprintf+0x40/0x40
[ 1317.891403][T24445]  device_add_disk+0x2a/0x40
[ 1317.895961][T24445]  loop_add+0x58f/0x760
[ 1317.900088][T24445]  loop_control_ioctl+0x564/0x740
[ 1317.905083][T24445]  ? loop_remove+0xb0/0xb0
[ 1317.909538][T24445]  ? __fget_files+0x310/0x370
[ 1317.914200][T24445]  ? security_file_ioctl+0xb1/0xd0
[ 1317.919299][T24445]  ? loop_remove+0xb0/0xb0
[ 1317.923695][T24445]  __se_sys_ioctl+0x115/0x190
[ 1317.928345][T24445]  __x64_sys_ioctl+0x7b/0x90
[ 1317.932909][T24445]  do_syscall_64+0x34/0x70
[ 1317.937306][T24445]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1317.943169][T24445] RIP: 0033:0x7f77b238e0d9
[ 1317.947557][T24445] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1317.967134][T24445] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1317.975543][T24445] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1317.983505][T24445] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1317.991450][T24445] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1317.999395][T24445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1318.007337][T24445] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1318.018222][T24445] kobject_add_internal failed for 7:0 (error: -12 parent: bdi)
[ 1318.026008][T24445] ------------[ cut here ]------------
[ 1318.031572][T24445] WARNING: CPU: 0 PID: 24445 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1318.041021][T24445] Modules linked in:
[ 1318.045014][T24445] CPU: 0 PID: 24445 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1318.057648][T24445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1318.067801][T24445] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1318.073666][T24445] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1318.093447][T24445] RSP: 0018:ffffc900062cfbc0 EFLAGS: 00010283
[ 1318.099666][T24445] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1318.108004][T24445] RDX: ffffc90001b10000 RSI: 00000000000339de RDI: 00000000000339df
[ 1318.116291][T24445] RBP: ffffc900062cfd08 R08: ffffffff82410506 R09: ffffc900062cf610
[ 1318.124304][T24445] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1318.132336][T24445] R13: ffff888103fe5000 R14: ffff8881113bb338 R15: ffff8881113bb000
[ 1318.140354][T24445] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1318.149324][T24445] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1318.155933][T24445] CR2: 00007ffda4912c08 CR3: 000000010d9ce000 CR4: 00000000003506a0
[ 1318.163930][T24445] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1318.171943][T24445] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1318.179932][T24445] Call Trace:
[ 1318.183303][T24445]  ? device_add_disk+0x40/0x40
[ 1318.188105][T24445]  ? loop_add+0x380/0x760
[ 1318.192449][T24445]  ? vsprintf+0x40/0x40
[ 1318.196633][T24445]  device_add_disk+0x2a/0x40
[ 1318.201281][T24445]  loop_add+0x58f/0x760
[ 1318.205504][T24445]  loop_control_ioctl+0x564/0x740
[ 1318.210542][T24445]  ? loop_remove+0xb0/0xb0
[ 1318.214951][T24445]  ? __fget_files+0x310/0x370
[ 1318.219662][T24445]  ? security_file_ioctl+0xb1/0xd0
[ 1318.224786][T24445]  ? loop_remove+0xb0/0xb0
[ 1318.229224][T24445]  __se_sys_ioctl+0x115/0x190
[ 1318.233926][T24445]  __x64_sys_ioctl+0x7b/0x90
[ 1318.238553][T24445]  do_syscall_64+0x34/0x70
[ 1318.242981][T24445]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1318.248893][T24445] RIP: 0033:0x7f77b238e0d9
[ 1318.253336][T24445] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1318.272980][T24445] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1318.281388][T24445] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1318.289367][T24445] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1318.297347][T24445] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1318.305378][T24445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1318.313355][T24445] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1318.321327][T24445] ---[ end trace 36e3028cd67c66d2 ]---
14:32:49 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x8, &(0x7f0000000040)=[{0x1fc, 0x0, 0x0, 0x96}, {0x1, 0x0, 0x0, 0x7}, {0xfffd, 0x87, 0xff, 0x8}, {0x3, 0x5, 0x46, 0x1}, {0x7, 0x17, 0x1f, 0x1}, {0x805, 0x3, 0x5c, 0x2}, {0x4, 0x4a, 0x0, 0x4}, {0x7ff, 0x80, 0xff, 0x7}]}) (async)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f00000000c0)={0xffffffff, 0x70, "0b5038d083a4a59f1df012bd5eaf2f82053aed5209fa6fcf4507737067510297b1e042d2cb8d82da5f036fa45aaf03fd256c25b4d9f0ea33db0ce2793e7fa4d4eebab2ac744bd3916d3b1e5cc6b669f04cb6d204a8b0bb5c354ec572a1e2b08e701c620fc8ffbfe05d8a868aa40adcb3"}) (async)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000180)=""/99, &(0x7f0000000200)=0x63)

14:32:49 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xe000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:49 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:49 executing program 2:
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000000c0))
timer_getoverrun(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
timer_create(0x7, &(0x7f0000000100)={0x0, 0x38, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000140)=<r0=>0x0)
timer_gettime(r0, &(0x7f0000000180))

14:32:49 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x14}]})

14:32:49 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 41)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:49 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x2000}, 0x48)

14:32:49 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xf000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:49 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x14}]})

14:32:49 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x20000000}, 0x48)

[ 1319.724998][T24461] FAULT_INJECTION: forcing a failure.
[ 1319.724998][T24461] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1319.738711][   T23] audit: type=1326 audit(1669991569.189:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24458 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:49 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:49 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x2000}, 0x48)

[ 1319.764049][T24461] CPU: 0 PID: 24461 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1319.775762][T24461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1319.785810][T24461] Call Trace:
[ 1319.789106][T24461]  dump_stack_lvl+0x1e2/0x24b
[ 1319.793784][T24461]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1319.799244][T24461]  dump_stack+0x15/0x17
[ 1319.803378][T24461]  should_fail+0x3c0/0x510
[ 1319.807771][T24461]  should_fail_alloc_page+0x50/0x60
[ 1319.812942][T24461]  __alloc_pages_nodemask+0x1c0/0x890
[ 1319.818297][T24461]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1319.823822][T24461]  allocate_slab+0x78/0x540
[ 1319.828306][T24461]  ___slab_alloc+0x131/0x2e0
[ 1319.832879][T24461]  ? __kernfs_new_node+0xdb/0x6e0
[ 1319.837894][T24461]  __slab_alloc+0x63/0xa0
[ 1319.842205][T24461]  ? __kernfs_new_node+0xdb/0x6e0
[ 1319.847204][T24461]  kmem_cache_alloc+0x1ef/0x300
[ 1319.852041][T24461]  ? __kernfs_new_node+0xdb/0x6e0
[ 1319.857067][T24461]  __kernfs_new_node+0xdb/0x6e0
[ 1319.861891][T24461]  ? stack_trace_save+0x12d/0x1f0
[ 1319.866888][T24461]  ? kernfs_new_node+0x170/0x170
[ 1319.871798][T24461]  ? stack_trace_snprint+0x100/0x100
[ 1319.877064][T24461]  ? stack_trace_save+0x12d/0x1f0
[ 1319.882061][T24461]  ? device_add+0xbe/0xbd0
[ 1319.886458][T24461]  kernfs_create_dir_ns+0x9b/0x230
[ 1319.891546][T24461]  sysfs_create_dir_ns+0x181/0x390
[ 1319.896627][T24461]  ? sysfs_warn_dup+0xa0/0xa0
[ 1319.901276][T24461]  kobject_add_internal+0x766/0xda0
[ 1319.906450][T24461]  kobject_add+0x14c/0x210
[ 1319.910841][T24461]  ? _raw_spin_lock+0xa3/0x1b0
[ 1319.915577][T24461]  ? kobject_init+0x1e0/0x1e0
[ 1319.920227][T24461]  ? mutex_unlock+0x29/0xf0
[ 1319.924709][T24461]  ? get_device_parent+0x2c5/0x430
[ 1319.929793][T24461]  device_add+0x3ca/0xbd0
[ 1319.934104][T24461]  device_create+0x258/0x2e0
[ 1319.938674][T24461]  ? root_device_unregister+0x80/0x80
[ 1319.944017][T24461]  ? number+0xd9b/0x1040
[ 1319.948235][T24461]  bdi_register_va+0x94/0x600
[ 1319.952884][T24461]  bdi_register+0xd1/0x120
[ 1319.957274][T24461]  ? __device_add_disk+0x536/0x11d0
[ 1319.962447][T24461]  ? bdi_register_va+0x600/0x600
[ 1319.967371][T24461]  ? vsnprintf+0x1bfd/0x1cd0
[ 1319.971940][T24461]  ? __kasan_check_read+0x11/0x20
[ 1319.976934][T24461]  ? blk_alloc_devt+0xd4/0x320
[ 1319.981666][T24461]  __device_add_disk+0x5cb/0x11d0
[ 1319.986665][T24461]  ? device_add_disk+0x40/0x40
[ 1319.991400][T24461]  ? loop_add+0x380/0x760
[ 1319.995700][T24461]  ? vsprintf+0x40/0x40
[ 1319.999827][T24461]  device_add_disk+0x2a/0x40
[ 1320.004387][T24461]  loop_add+0x58f/0x760
[ 1320.008522][T24461]  loop_control_ioctl+0x564/0x740
[ 1320.013515][T24461]  ? loop_remove+0xb0/0xb0
[ 1320.017905][T24461]  ? __fget_files+0x310/0x370
[ 1320.022552][T24461]  ? security_file_ioctl+0xb1/0xd0
[ 1320.027633][T24461]  ? loop_remove+0xb0/0xb0
[ 1320.032020][T24461]  __se_sys_ioctl+0x115/0x190
[ 1320.036669][T24461]  __x64_sys_ioctl+0x7b/0x90
[ 1320.041232][T24461]  do_syscall_64+0x34/0x70
[ 1320.045620][T24461]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1320.051482][T24461] RIP: 0033:0x7f77b238e0d9
[ 1320.055877][T24461] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1320.075469][T24461] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1320.083868][T24461] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1320.091811][T24461] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1320.099757][T24461] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1320.107705][T24461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1320.115650][T24461] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1320.140171][   T23] audit: type=1326 audit(1669991569.589:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24473 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1320.164761][   T23] audit: type=1326 audit(1669991569.609:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24473 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
[ 1320.206794][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:52 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="d5c897b83b0e389a0b797ce2ddfbd02bd874d6e984770d12ed785c913e48bcf7d65d8539761eca77b969c72ac9f01bbe945ae6bf611da0e5ddc0f17b049ee2e01da4ef6ac165bda6be32ab13aeaf16bec8175fd18fef3e638ddc4e465b33be6cfd354a18edae7bb43bcfb6ea2f6e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r1)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000000)={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x1, "167a86ce53cb2ad279d32bc485f32180e96043ad46a117cdedcd1437a625edf6", 0x7fffffff, 0x6, 0x7, 0x4}, 0x3c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080))
syz_genetlink_get_family_id$team(&(0x7f0000000180), r0)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000340)=""/156, &(0x7f00000001c0)=0x9c)

14:32:52 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x48)

14:32:52 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x10000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:52 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:52 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 42)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:52 executing program 2:
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000000c0))
timer_getoverrun(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
timer_create(0x7, &(0x7f0000000100)={0x0, 0x38, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000140)=<r0=>0x0)
timer_gettime(r0, &(0x7f0000000180))

14:32:52 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x11000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1323.142928][T24486] FAULT_INJECTION: forcing a failure.
[ 1323.142928][T24486] name failslab, interval 1, probability 0, space 0, times 0
[ 1323.159654][   T23] audit: type=1326 audit(1669991572.609:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24487 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1323.161563][T24486] CPU: 0 PID: 24486 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1323.194794][T24486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1323.204829][T24486] Call Trace:
[ 1323.208102][T24486]  dump_stack_lvl+0x1e2/0x24b
[ 1323.212753][T24486]  ? panic+0x7d7/0x7d7
[ 1323.216802][T24486]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1323.222236][T24486]  dump_stack+0x15/0x17
[ 1323.226368][T24486]  should_fail+0x3c0/0x510
[ 1323.230759][T24486]  __should_failslab+0x9f/0xe0
[ 1323.235498][T24486]  should_failslab+0x9/0x20
[ 1323.239974][T24486]  kmem_cache_alloc+0x3f/0x300
[ 1323.244712][T24486]  ? __kernfs_new_node+0xdb/0x6e0
[ 1323.249708][T24486]  ? mutex_lock+0xb2/0x1e0
[ 1323.254107][T24486]  __kernfs_new_node+0xdb/0x6e0
[ 1323.258930][T24486]  ? kernfs_new_node+0x170/0x170
[ 1323.263845][T24486]  ? kernfs_add_one+0x4c5/0x5e0
[ 1323.268674][T24486]  kernfs_new_node+0x97/0x170
[ 1323.273327][T24486]  __kernfs_create_file+0x4a/0x270
[ 1323.278414][T24486]  sysfs_add_file_mode_ns+0x273/0x320
[ 1323.283774][T24486]  sysfs_create_file_ns+0x191/0x2a0
[ 1323.288951][T24486]  ? sysfs_add_file_mode_ns+0x320/0x320
[ 1323.294475][T24486]  device_create_file+0x110/0x1d0
[ 1323.299474][T24486]  device_add+0x496/0xbd0
[ 1323.303778][T24486]  device_create+0x258/0x2e0
[ 1323.308342][T24486]  ? root_device_unregister+0x80/0x80
[ 1323.313691][T24486]  ? number+0xd9b/0x1040
[ 1323.317911][T24486]  bdi_register_va+0x94/0x600
[ 1323.322561][T24486]  bdi_register+0xd1/0x120
[ 1323.326953][T24486]  ? __device_add_disk+0x536/0x11d0
[ 1323.332126][T24486]  ? bdi_register_va+0x600/0x600
[ 1323.337041][T24486]  ? vsnprintf+0x1bfd/0x1cd0
[ 1323.341606][T24486]  ? __kasan_check_read+0x11/0x20
[ 1323.346613][T24486]  ? blk_alloc_devt+0xd4/0x320
[ 1323.351351][T24486]  __device_add_disk+0x5cb/0x11d0
[ 1323.356353][T24486]  ? device_add_disk+0x40/0x40
[ 1323.361092][T24486]  ? loop_add+0x380/0x760
[ 1323.365396][T24486]  ? vsprintf+0x40/0x40
[ 1323.369526][T24486]  device_add_disk+0x2a/0x40
[ 1323.374092][T24486]  loop_add+0x58f/0x760
[ 1323.378222][T24486]  loop_control_ioctl+0x564/0x740
[ 1323.383220][T24486]  ? loop_remove+0xb0/0xb0
[ 1323.387616][T24486]  ? __fget_files+0x310/0x370
[ 1323.392272][T24486]  ? security_file_ioctl+0xb1/0xd0
[ 1323.397358][T24486]  ? loop_remove+0xb0/0xb0
[ 1323.401749][T24486]  __se_sys_ioctl+0x115/0x190
[ 1323.406402][T24486]  __x64_sys_ioctl+0x7b/0x90
[ 1323.410966][T24486]  do_syscall_64+0x34/0x70
[ 1323.415359][T24486]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1323.421224][T24486] RIP: 0033:0x7f77b238e0d9
[ 1323.425618][T24486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1323.445196][T24486] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1323.453586][T24486] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1323.461532][T24486] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1323.469480][T24486] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1323.477427][T24486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1323.485373][T24486] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:52 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1323.493780][T24486] ------------[ cut here ]------------
[ 1323.503708][T24486] WARNING: CPU: 1 PID: 24486 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1323.516071][T24486] Modules linked in:
14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2000}, 0x48)

[ 1323.523195][   T23] audit: type=1326 audit(1669991572.949:1876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24484 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1323.523900][T24486] CPU: 1 PID: 24486 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1323.563241][T24486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1323.573576][T24486] RIP: 0010:__device_add_disk+0xe7c/0x11d0
14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x20000000}, 0x48)

[ 1323.573962][   T23] audit: type=1326 audit(1669991572.949:1877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24484 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f0223a68f8b code=0x0
[ 1323.602776][T24486] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1323.626786][T24486] RSP: 0018:ffffc900062efbc0 EFLAGS: 00010246
[ 1323.633048][T24486] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2000}, 0x48)

[ 1323.644751][T24486] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1323.656767][T24486] RBP: ffffc900062efd08 R08: ffffffff82410506 R09: ffffc900062ef610
[ 1323.664991][T24486] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1323.676501][T24486] R13: ffff888118ca7000 R14: ffff8881081e6338 R15: ffff8881081e6000
[ 1323.685262][T24486] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1323.694643][T24486] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1323.705383][T24486] CR2: 00007ffda4914428 CR3: 000000011ceb9000 CR4: 00000000003506a0
[ 1323.716027][T24486] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1323.724125][T24486] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1323.732242][T24486] Call Trace:
[ 1323.735653][T24486]  ? device_add_disk+0x40/0x40
[ 1323.740522][T24486]  ? loop_add+0x380/0x760
[ 1323.744944][T24486]  ? vsprintf+0x40/0x40
[ 1323.749296][T24486]  device_add_disk+0x2a/0x40
[ 1323.754085][T24486]  loop_add+0x58f/0x760
[ 1323.758424][T24486]  loop_control_ioctl+0x564/0x740
[ 1323.763601][T24486]  ? loop_remove+0xb0/0xb0
[ 1323.768148][T24486]  ? __fget_files+0x310/0x370
[ 1323.772928][T24486]  ? security_file_ioctl+0xb1/0xd0
[ 1323.778151][T24486]  ? loop_remove+0xb0/0xb0
[ 1323.782657][T24486]  __se_sys_ioctl+0x115/0x190
[ 1323.787629][T24486]  __x64_sys_ioctl+0x7b/0x90
[ 1323.792314][T24486]  do_syscall_64+0x34/0x70
[ 1323.796829][T24486]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1323.802816][T24486] RIP: 0033:0x7f77b238e0d9
[ 1323.807836][T24486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1323.828006][T24486] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:32:53 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="d5c897b83b0e389a0b797ce2ddfbd02bd874d6e984770d12ed785c913e48bcf7d65d8539761eca77b969c72ac9f01bbe945ae6bf611da0e5ddc0f17b049ee2e01da4ef6ac165bda6be32ab13aeaf16bec8175fd18fef3e638ddc4e465b33be6cfd354a18edae7bb43bcfb6ea2f6e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r1)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000000)={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x1, "167a86ce53cb2ad279d32bc485f32180e96043ad46a117cdedcd1437a625edf6", 0x7fffffff, 0x6, 0x7, 0x4}, 0x3c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000180), r0) (async)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000340)=""/156, &(0x7f00000001c0)=0x9c)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x20000000}, 0x48)

14:32:53 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:53 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x12000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1323.842099][T24486] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1323.850242][T24486] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1323.863323][T24486] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1323.871422][T24486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1323.879764][T24486] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1323.887828][T24486] ---[ end trace 36e3028cd67c66d3 ]---
14:32:53 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 43)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1323.942975][   T23] audit: type=1326 audit(1669991573.389:1878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1323.960481][T24519] FAULT_INJECTION: forcing a failure.
[ 1323.960481][T24519] name failslab, interval 1, probability 0, space 0, times 0
[ 1323.979147][T24519] CPU: 1 PID: 24519 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1323.990840][T24519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1324.000230][   T23] audit: type=1326 audit(1669991573.429:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24515 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f0223a68f8b code=0x0
[ 1324.000887][T24519] Call Trace:
[ 1324.027408][T24519]  dump_stack_lvl+0x1e2/0x24b
[ 1324.032086][T24519]  ? panic+0x7d7/0x7d7
[ 1324.036159][T24519]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1324.041611][T24519]  ? _raw_spin_lock+0xa3/0x1b0
[ 1324.046371][T24519]  ? __radix_tree_preload+0x361/0x3e0
[ 1324.051738][T24519]  dump_stack+0x15/0x17
[ 1324.055970][T24519]  should_fail+0x3c0/0x510
[ 1324.060381][T24519]  __should_failslab+0x9f/0xe0
[ 1324.065148][T24519]  should_failslab+0x9/0x20
[ 1324.069650][T24519]  kmem_cache_alloc+0x3f/0x300
[ 1324.074413][T24519]  ? __kernfs_new_node+0xdb/0x6e0
[ 1324.079445][T24519]  __kernfs_new_node+0xdb/0x6e0
[ 1324.084303][T24519]  ? kernfs_activate+0x409/0x420
[ 1324.089323][T24519]  ? kernfs_add_one+0x4c5/0x5e0
[ 1324.094170][T24519]  ? kernfs_new_node+0x170/0x170
[ 1324.099103][T24519]  ? __kernfs_create_file+0x1fb/0x270
[ 1324.104479][T24519]  kernfs_new_node+0x97/0x170
[ 1324.109152][T24519]  kernfs_create_link+0xb8/0x210
[ 1324.114085][T24519]  sysfs_do_create_link_sd+0x89/0x110
[ 1324.119449][T24519]  sysfs_create_link+0x68/0x80
[ 1324.124203][T24519]  device_add_class_symlinks+0xdb/0x2a0
[ 1324.129766][T24519]  device_add+0x4c3/0xbd0
[ 1324.134096][T24519]  device_create+0x258/0x2e0
[ 1324.138755][T24519]  ? root_device_unregister+0x80/0x80
[ 1324.144164][T24519]  ? number+0xd9b/0x1040
[ 1324.148424][T24519]  bdi_register_va+0x94/0x600
[ 1324.153107][T24519]  bdi_register+0xd1/0x120
[ 1324.157531][T24519]  ? __device_add_disk+0x536/0x11d0
[ 1324.162750][T24519]  ? bdi_register_va+0x600/0x600
[ 1324.167688][T24519]  ? vsnprintf+0x1bfd/0x1cd0
[ 1324.172283][T24519]  ? __kasan_check_read+0x11/0x20
[ 1324.177305][T24519]  ? blk_alloc_devt+0xd4/0x320
[ 1324.182065][T24519]  __device_add_disk+0x5cb/0x11d0
[ 1324.187089][T24519]  ? device_add_disk+0x40/0x40
[ 1324.191941][T24519]  ? loop_add+0x380/0x760
[ 1324.196267][T24519]  ? vsprintf+0x40/0x40
[ 1324.200418][T24519]  device_add_disk+0x2a/0x40
[ 1324.205006][T24519]  loop_add+0x58f/0x760
[ 1324.209161][T24519]  loop_control_ioctl+0x564/0x740
[ 1324.214180][T24519]  ? loop_remove+0xb0/0xb0
[ 1324.218589][T24519]  ? __fget_files+0x310/0x370
[ 1324.223265][T24519]  ? security_file_ioctl+0xb1/0xd0
[ 1324.228372][T24519]  ? loop_remove+0xb0/0xb0
[ 1324.232782][T24519]  __se_sys_ioctl+0x115/0x190
[ 1324.237463][T24519]  __x64_sys_ioctl+0x7b/0x90
[ 1324.242049][T24519]  do_syscall_64+0x34/0x70
[ 1324.246462][T24519]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1324.252347][T24519] RIP: 0033:0x7f77b238e0d9
[ 1324.256755][T24519] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1324.276354][T24519] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1324.284747][T24519] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:53 executing program 2:
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000000c0))
timer_getoverrun(0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
timer_create(0x7, &(0x7f0000000100)={0x0, 0x38, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000140)=<r0=>0x0)
timer_gettime(r0, &(0x7f0000000180))

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:53 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x13000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:53 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="d5c897b83b0e389a0b797ce2ddfbd02bd874d6e984770d12ed785c913e48bcf7d65d8539761eca77b969c72ac9f01bbe945ae6bf611da0e5ddc0f17b049ee2e01da4ef6ac165bda6be32ab13aeaf16bec8175fd18fef3e638ddc4e465b33be6cfd354a18edae7bb43bcfb6ea2f6e", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r1) (async, rerun: 64)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000000)={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x1, "167a86ce53cb2ad279d32bc485f32180e96043ad46a117cdedcd1437a625edf6", 0x7fffffff, 0x6, 0x7, 0x4}, 0x3c) (rerun: 64)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080))
syz_genetlink_get_family_id$team(&(0x7f0000000180), r0) (async)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000340)=""/156, &(0x7f00000001c0)=0x9c)

14:32:53 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1324.292696][T24519] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1324.300653][T24519] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1324.308603][T24519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1324.316550][T24519] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1324.326755][T24519] ------------[ cut here ]------------
14:32:53 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x14000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000}, 0x48)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x20000000}, 0x48)

[ 1324.336220][T24519] WARNING: CPU: 1 PID: 24519 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1324.355264][T24519] Modules linked in:
[ 1324.365922][T24519] CPU: 0 PID: 24519 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1324.379089][T24519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2000}, 0x48)

14:32:53 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x20000000}, 0x48)

[ 1324.391463][T24519] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1324.397561][T24519] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1324.417399][T24519] RSP: 0018:ffffc9000627fbc0 EFLAGS: 00010246
[ 1324.423720][T24519] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1324.432305][T24519] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1324.440519][T24519] RBP: ffffc9000627fd08 R08: ffffffff82410506 R09: ffffc9000627f610
[ 1324.448598][T24519] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1324.456698][T24519] R13: ffff88810fd16000 R14: ffff88812dff8338 R15: ffff88812dff8000
[ 1324.464742][T24519] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1324.473715][T24519] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1324.480327][T24519] CR2: 00007f30e4ea0000 CR3: 00000001316fb000 CR4: 00000000003506a0
[ 1324.488328][T24519] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1324.496344][T24519] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1324.504295][T24519] Call Trace:
[ 1324.507617][T24519]  ? device_add_disk+0x40/0x40
[ 1324.512374][T24519]  ? loop_add+0x380/0x760
[ 1324.516717][T24519]  ? vsprintf+0x40/0x40
[ 1324.520866][T24519]  device_add_disk+0x2a/0x40
[ 1324.525428][T24519]  loop_add+0x58f/0x760
[ 1324.529588][T24519]  loop_control_ioctl+0x564/0x740
[ 1324.534604][T24519]  ? loop_remove+0xb0/0xb0
[ 1324.539051][T24519]  ? __fget_files+0x310/0x370
[ 1324.543739][T24519]  ? security_file_ioctl+0xb1/0xd0
[ 1324.548884][T24519]  ? loop_remove+0xb0/0xb0
[ 1324.553285][T24519]  __se_sys_ioctl+0x115/0x190
[ 1324.557971][T24519]  __x64_sys_ioctl+0x7b/0x90
[ 1324.562552][T24519]  do_syscall_64+0x34/0x70
[ 1324.567001][T24519]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1324.572874][T24519] RIP: 0033:0x7f77b238e0d9
[ 1324.577818][T24519] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1324.597740][T24519] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1324.606446][T24519] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1324.614435][T24519] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1324.622436][T24519] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1324.630441][T24519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1324.638443][T24519] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1324.646440][T24519] ---[ end trace 36e3028cd67c66d4 ]---
[ 1324.658973][   T23] audit: type=1326 audit(1669991574.109:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24537 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:32:54 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 44)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:54 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2000}, 0x48)

14:32:54 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080))
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000002c0))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ee0267db", @ANYRES16=r0, @ANYBLOB="000426bd7000ffdbdf250500000008003100d70000000a000900000000000000000005002e0001000000080032000700000005002f000100000008002b0005000000"], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x810)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f0000000000)=[{0x3a, 0x3, 0x3b, 0xff}, {0x1, 0x9, 0xb1, 0x5}, {0x2, 0x6, 0x9, 0x1}, {0x1f, 0x3f, 0x80, 0x8e7}, {0xbd6, 0x5, 0xf6, 0x7}]})
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x20, 0x1f, @vifc_lcl_ifindex, @remote}, 0x10)

14:32:54 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x15000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1324.706430][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1324.720205][T24549] FAULT_INJECTION: forcing a failure.
[ 1324.720205][T24549] name failslab, interval 1, probability 0, space 0, times 0
[ 1324.737156][T24549] CPU: 1 PID: 24549 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1324.748879][T24549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1324.758914][T24549] Call Trace:
[ 1324.762188][T24549]  dump_stack_lvl+0x1e2/0x24b
[ 1324.766843][T24549]  ? panic+0x7d7/0x7d7
[ 1324.770890][T24549]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1324.776329][T24549]  ? _raw_spin_lock+0xa3/0x1b0
[ 1324.781504][T24549]  ? __radix_tree_preload+0x361/0x3e0
[ 1324.786850][T24549]  dump_stack+0x15/0x17
[ 1324.790984][T24549]  should_fail+0x3c0/0x510
[ 1324.795378][T24549]  __should_failslab+0x9f/0xe0
[ 1324.800133][T24549]  should_failslab+0x9/0x20
[ 1324.804619][T24549]  kmem_cache_alloc+0x3f/0x300
[ 1324.809356][T24549]  ? __kernfs_new_node+0xdb/0x6e0
[ 1324.814357][T24549]  __kernfs_new_node+0xdb/0x6e0
[ 1324.819183][T24549]  ? kernfs_activate+0x409/0x420
[ 1324.824113][T24549]  ? kernfs_add_one+0x4c5/0x5e0
[ 1324.828943][T24549]  ? kernfs_new_node+0x170/0x170
[ 1324.833871][T24549]  ? __kernfs_create_file+0x1fb/0x270
[ 1324.839217][T24549]  kernfs_new_node+0x97/0x170
[ 1324.843870][T24549]  kernfs_create_link+0xb8/0x210
[ 1324.848786][T24549]  sysfs_do_create_link_sd+0x89/0x110
[ 1324.854148][T24549]  sysfs_create_link+0x68/0x80
[ 1324.858889][T24549]  device_add_class_symlinks+0xdb/0x2a0
[ 1324.864409][T24549]  device_add+0x4c3/0xbd0
[ 1324.868713][T24549]  device_create+0x258/0x2e0
[ 1324.873278][T24549]  ? root_device_unregister+0x80/0x80
[ 1324.878628][T24549]  ? number+0xd9b/0x1040
[ 1324.882861][T24549]  bdi_register_va+0x94/0x600
[ 1324.887536][T24549]  bdi_register+0xd1/0x120
[ 1324.891954][T24549]  ? __device_add_disk+0x536/0x11d0
[ 1324.897139][T24549]  ? bdi_register_va+0x600/0x600
[ 1324.902065][T24549]  ? vsnprintf+0x1bfd/0x1cd0
[ 1324.906644][T24549]  ? __kasan_check_read+0x11/0x20
[ 1324.911646][T24549]  ? blk_alloc_devt+0xd4/0x320
[ 1324.916387][T24549]  __device_add_disk+0x5cb/0x11d0
[ 1324.921387][T24549]  ? device_add_disk+0x40/0x40
[ 1324.926130][T24549]  ? loop_add+0x380/0x760
[ 1324.930435][T24549]  ? vsprintf+0x40/0x40
[ 1324.934567][T24549]  device_add_disk+0x2a/0x40
[ 1324.939133][T24549]  loop_add+0x58f/0x760
[ 1324.943268][T24549]  loop_control_ioctl+0x564/0x740
[ 1324.948274][T24549]  ? loop_remove+0xb0/0xb0
[ 1324.952665][T24549]  ? __fget_files+0x310/0x370
[ 1324.957321][T24549]  ? security_file_ioctl+0xb1/0xd0
[ 1324.962409][T24549]  ? loop_remove+0xb0/0xb0
[ 1324.966803][T24549]  __se_sys_ioctl+0x115/0x190
[ 1324.971455][T24549]  __x64_sys_ioctl+0x7b/0x90
[ 1324.976018][T24549]  do_syscall_64+0x34/0x70
[ 1324.980412][T24549]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1324.986291][T24549] RIP: 0033:0x7f77b238e0d9
[ 1324.990706][T24549] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1325.010301][T24549] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.018695][T24549] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1325.026643][T24549] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1325.034589][T24549] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1325.042535][T24549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
14:32:54 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)={0x20, r3, 0x101, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f00000006c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10400900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x414, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x1a0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "1fc474a7a490baeec58f78b50983e4f82faf439ef377015e8202686aab"}}, @TIPC_NLA_NODE_ID={0x13, 0x3, "4577e4e2eb5af8838a3ff1bdf243ae"}, @TIPC_NLA_NODE_ID={0xec, 0x3, "1121bf79bc9a82cf4f4e45b9fac0480cd9be7fa59b9d73c30d5d88f86e869a3e053e45fc751f32b353885c9c4ccf1da5c4586e257a7eeb77aede5fa97a892858e322c79f38e6419596116ab0e832bcb2cc8273b10635c958f20709491ec8da7aa8b7c7138a98e03c75a130650965bc3c25c8f9b33e3480757fe47c9ddd62631bee54f7808cdd99daa06af6eff5cf97c12d7a80ec6e5a93247bcb3ce6c909ed620da3492f34c640b268a91e0d6d238b82307ca9d58254a943f988387bd9bbe65cfe64f7388ed2daa9f887b551af52428238694f933426d33c8ae8bbb3e7b695f9ad5bc7e6b3d7595a"}, @TIPC_NLA_NODE_ID={0x3b, 0x3, "1a186970b3876fb8de3f557f7ae8a846c62093fb30b00ff34b9b6a4d7fbcfbaf80ec7f2372d69e58ef9a985dfb7f42556a06065b6f3e3b"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @private=0xa010100}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x80, @private2={0xfc, 0x2, '\x00', 0x1}, 0x64b}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x43}, 0x64eb}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'virt_wifi0\x00'}}]}, @TIPC_NLA_LINK={0x30, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x759f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}, @TIPC_NLA_BEARER={0xa4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00', 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x101, @loopback, 0xaf0}}}}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'veth0_vlan\x00'}}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0xc8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'eth', 0x3a, 'batadv_slave_1\x00'}}]}]}, 0x414}, 0x1, 0x0, 0x0, 0x4000840}, 0x44004)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f00000000c0))
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1325.050486][T24549] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1325.062986][T24549] ------------[ cut here ]------------
[ 1325.068580][T24549] WARNING: CPU: 1 PID: 24549 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1325.078027][T24549] Modules linked in:
[ 1325.078210][   T23] audit: type=1326 audit(1669991574.529:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24546 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1325.085690][T24549] CPU: 1 PID: 24549 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1325.105535][   T23] audit: type=1326 audit(1669991574.529:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24546 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f0223a68f8b code=0x0
[ 1325.140533][T24549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1325.150734][T24549] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1325.156627][T24549] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1325.176276][T24549] RSP: 0018:ffffc9000637fbc0 EFLAGS: 00010287
[ 1325.182347][T24549] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1325.190358][T24549] RDX: ffffc90001b10000 RSI: 000000000002d9b0 RDI: 000000000002d9b1
[ 1325.198356][T24549] RBP: ffffc9000637fd08 R08: ffffffff82410506 R09: ffffc9000637f610
[ 1325.206429][T24549] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1325.214402][T24549] R13: ffff88812c292000 R14: ffff88812c297338 R15: ffff88812c297000
[ 1325.222429][T24549] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1325.231386][T24549] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1325.238012][T24549] CR2: 00007f30e4e7d058 CR3: 00000001316fb000 CR4: 00000000003506b0
[ 1325.245995][T24549] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1325.253970][T24549] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1325.261985][T24549] Call Trace:
[ 1325.265282][T24549]  ? device_add_disk+0x40/0x40
[ 1325.270097][T24549]  ? loop_add+0x380/0x760
[ 1325.279265][T24549]  ? vsprintf+0x40/0x40
[ 1325.283481][T24549]  device_add_disk+0x2a/0x40
[ 1325.288361][T24549]  loop_add+0x58f/0x760
[ 1325.292596][T24549]  loop_control_ioctl+0x564/0x740
[ 1325.297922][T24549]  ? loop_remove+0xb0/0xb0
[ 1325.302422][T24549]  ? __fget_files+0x310/0x370
14:32:54 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r0=>0x0})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, r1, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30)

14:32:54 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20000000}, 0x48)

14:32:54 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x16000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:54 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x48)

[ 1325.307393][T24549]  ? security_file_ioctl+0xb1/0xd0
[ 1325.312586][T24549]  ? loop_remove+0xb0/0xb0
[ 1325.317299][T24549]  __se_sys_ioctl+0x115/0x190
[ 1325.322504][T24549]  __x64_sys_ioctl+0x7b/0x90
[ 1325.327647][T24549]  do_syscall_64+0x34/0x70
[ 1325.337044][T24549]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1325.352554][T24549] RIP: 0033:0x7f77b238e0d9
14:32:54 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x78)

14:32:54 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x20000208)

[ 1325.357573][T24549] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1325.382678][T24549] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.395328][T24549] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:32:54 executing program 0:
r0 = socket(0x1f, 0x80000, 0xff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="9c000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fddbdf2509000000580001800800090031000000060004003a23000e080005000400000008000800030000000600010002000000060002003300000008000b0073697000070006007368000014000300ffffffff000000000000000000000000240001800c00070034000000020000000a0006006c626c017200000008000800060000000c00038006000400fdff000058a64e36d80e2cb9777ba8d0a7be003156631e4b5a4a8f6008d01f9b015ceaaff3979c524b97a12952d0b3a164d9e32a4b3aa3ad8d232c91a3fef7c006afec3ffa498b2cfc03cf"], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/120, &(0x7f0000000080)=0x78)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xd, 0x3, 0x0, 0x0, 0x601, 0xffffffffffffffff, 0x40}, 0x48)
bind$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

[ 1325.403868][T24549] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1325.415684][T24549] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1325.423987][T24549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1325.432259][T24549] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1325.440320][T24549] ---[ end trace 36e3028cd67c66d5 ]---
[ 1325.460507][   T23] audit: type=1326 audit(1669991574.909:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24566 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:32:54 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 45)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:54 executing program 0:
r0 = socket(0x1f, 0x80000, 0xff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="9c000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fddbdf2509000000580001800800090031000000060004003a23000e080005000400000008000800030000000600010002000000060002003300000008000b0073697000070006007368000014000300ffffffff000000000000000000000000240001800c00070034000000020000000a0006006c626c017200000008000800060000000c00038006000400fdff000058a64e36d80e2cb9777ba8d0a7be003156631e4b5a4a8f6008d01f9b015ceaaff3979c524b97a12952d0b3a164d9e32a4b3aa3ad8d232c91a3fef7c006afec3ffa498b2cfc03cf"], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/120, &(0x7f0000000080)=0x78) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xd, 0x3, 0x0, 0x0, 0x601, 0xffffffffffffffff, 0x40}, 0x48) (async)
bind$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)

14:32:54 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)) (async)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000002c0))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ee0267db", @ANYRES16=r0, @ANYBLOB="000426bd7000ffdbdf250500000008003100d70000000a000900000000000000000005002e0001000000080032000700000005002f000100000008002b0005000000"], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x810) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f0000000000)=[{0x3a, 0x3, 0x3b, 0xff}, {0x1, 0x9, 0xb1, 0x5}, {0x2, 0x6, 0x9, 0x1}, {0x1f, 0x3f, 0x80, 0x8e7}, {0xbd6, 0x5, 0xf6, 0x7}]}) (async, rerun: 64)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff) (rerun: 64)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x20, 0x1f, @vifc_lcl_ifindex, @remote}, 0x10)

14:32:54 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x17000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1325.504921][   T23] audit: type=1326 audit(1669991574.949:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24572 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1325.526560][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1325.543941][T24586] FAULT_INJECTION: forcing a failure.
[ 1325.543941][T24586] name failslab, interval 1, probability 0, space 0, times 0
[ 1325.556714][T24586] CPU: 0 PID: 24586 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1325.568423][T24586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1325.578470][T24586] Call Trace:
[ 1325.581763][T24586]  dump_stack_lvl+0x1e2/0x24b
[ 1325.586443][T24586]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1325.591901][T24586]  dump_stack+0x15/0x17
[ 1325.596056][T24586]  should_fail+0x3c0/0x510
[ 1325.600472][T24586]  __should_failslab+0x9f/0xe0
[ 1325.605234][T24586]  should_failslab+0x9/0x20
[ 1325.609731][T24586]  kmem_cache_alloc+0x3f/0x300
[ 1325.614499][T24586]  ? radix_tree_node_alloc+0x194/0x3c0
[ 1325.619966][T24586]  radix_tree_node_alloc+0x194/0x3c0
[ 1325.625266][T24586]  ? kernfs_new_node+0x97/0x170
[ 1325.630119][T24586]  ? kernfs_create_link+0xb8/0x210
[ 1325.635230][T24586]  ? sysfs_do_create_link_sd+0x89/0x110
[ 1325.640775][T24586]  ? device_add_class_symlinks+0xdb/0x2a0
[ 1325.646495][T24586]  idr_get_free+0x2d8/0x990
[ 1325.650996][T24586]  ? __se_sys_ioctl+0x115/0x190
[ 1325.655865][T24586]  idr_alloc_cyclic+0x1ef/0x5d0
[ 1325.660809][T24586]  ? idr_alloc+0x2f0/0x2f0
[ 1325.665223][T24586]  ? __kasan_check_write+0x14/0x20
[ 1325.670335][T24586]  ? _raw_spin_lock+0xa3/0x1b0
[ 1325.675095][T24586]  ? __radix_tree_preload+0x361/0x3e0
[ 1325.680463][T24586]  ? kmem_cache_alloc+0x1a4/0x300
[ 1325.685498][T24586]  __kernfs_new_node+0x124/0x6e0
[ 1325.690545][T24586]  ? kernfs_activate+0x409/0x420
[ 1325.695495][T24586]  ? kernfs_new_node+0x170/0x170
[ 1325.700446][T24586]  ? __kernfs_create_file+0x1fb/0x270
[ 1325.705826][T24586]  kernfs_new_node+0x97/0x170
[ 1325.710507][T24586]  kernfs_create_link+0xb8/0x210
[ 1325.715562][T24586]  sysfs_do_create_link_sd+0x89/0x110
[ 1325.720941][T24586]  sysfs_create_link+0x68/0x80
[ 1325.725798][T24586]  device_add_class_symlinks+0xdb/0x2a0
[ 1325.731345][T24586]  device_add+0x4c3/0xbd0
[ 1325.735686][T24586]  device_create+0x258/0x2e0
[ 1325.740275][T24586]  ? root_device_unregister+0x80/0x80
[ 1325.745642][T24586]  ? number+0xd9b/0x1040
[ 1325.749877][T24586]  bdi_register_va+0x94/0x600
[ 1325.754554][T24586]  bdi_register+0xd1/0x120
[ 1325.758981][T24586]  ? __device_add_disk+0x536/0x11d0
[ 1325.764187][T24586]  ? bdi_register_va+0x600/0x600
[ 1325.769122][T24586]  ? vsnprintf+0x1bfd/0x1cd0
[ 1325.773713][T24586]  ? __kasan_check_read+0x11/0x20
[ 1325.778734][T24586]  ? blk_alloc_devt+0xd4/0x320
[ 1325.783493][T24586]  __device_add_disk+0x5cb/0x11d0
[ 1325.788515][T24586]  ? device_add_disk+0x40/0x40
[ 1325.793272][T24586]  ? loop_add+0x380/0x760
[ 1325.797598][T24586]  ? vsprintf+0x40/0x40
[ 1325.801752][T24586]  device_add_disk+0x2a/0x40
[ 1325.806339][T24586]  loop_add+0x58f/0x760
[ 1325.810492][T24586]  loop_control_ioctl+0x564/0x740
[ 1325.815509][T24586]  ? loop_remove+0xb0/0xb0
[ 1325.819917][T24586]  ? __fget_files+0x310/0x370
[ 1325.824592][T24586]  ? security_file_ioctl+0xb1/0xd0
[ 1325.829697][T24586]  ? loop_remove+0xb0/0xb0
[ 1325.834106][T24586]  __se_sys_ioctl+0x115/0x190
[ 1325.838781][T24586]  __x64_sys_ioctl+0x7b/0x90
[ 1325.843368][T24586]  do_syscall_64+0x34/0x70
[ 1325.847779][T24586]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1325.853660][T24586] RIP: 0033:0x7f77b238e0d9
[ 1325.858072][T24586] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1325.877760][T24586] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.886176][T24586] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1325.894144][T24586] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1325.902112][T24586] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1325.910083][T24586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1325.918057][T24586] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:32:55 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)={0x20, r3, 0x101, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f00000006c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10400900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x414, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x1a0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "1fc474a7a490baeec58f78b50983e4f82faf439ef377015e8202686aab"}}, @TIPC_NLA_NODE_ID={0x13, 0x3, "4577e4e2eb5af8838a3ff1bdf243ae"}, @TIPC_NLA_NODE_ID={0xec, 0x3, "1121bf79bc9a82cf4f4e45b9fac0480cd9be7fa59b9d73c30d5d88f86e869a3e053e45fc751f32b353885c9c4ccf1da5c4586e257a7eeb77aede5fa97a892858e322c79f38e6419596116ab0e832bcb2cc8273b10635c958f20709491ec8da7aa8b7c7138a98e03c75a130650965bc3c25c8f9b33e3480757fe47c9ddd62631bee54f7808cdd99daa06af6eff5cf97c12d7a80ec6e5a93247bcb3ce6c909ed620da3492f34c640b268a91e0d6d238b82307ca9d58254a943f988387bd9bbe65cfe64f7388ed2daa9f887b551af52428238694f933426d33c8ae8bbb3e7b695f9ad5bc7e6b3d7595a"}, @TIPC_NLA_NODE_ID={0x3b, 0x3, "1a186970b3876fb8de3f557f7ae8a846c62093fb30b00ff34b9b6a4d7fbcfbaf80ec7f2372d69e58ef9a985dfb7f42556a06065b6f3e3b"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @private=0xa010100}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x80, @private2={0xfc, 0x2, '\x00', 0x1}, 0x64b}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x43}, 0x64eb}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'virt_wifi0\x00'}}]}, @TIPC_NLA_LINK={0x30, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x759f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}, @TIPC_NLA_BEARER={0xa4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00', 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x101, @loopback, 0xaf0}}}}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'veth0_vlan\x00'}}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0xc8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'eth', 0x3a, 'batadv_slave_1\x00'}}]}]}, 0x414}, 0x1, 0x0, 0x0, 0x4000840}, 0x44004) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f00000000c0))
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:55 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r0=>0x0}) (async, rerun: 64)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80) (rerun: 64)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 32)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, r1, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) (rerun: 32)

14:32:55 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x18000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:55 executing program 0:
r0 = socket(0x1f, 0x80000, 0xff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="9c000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fddbdf2509000000580001800800090031000000060004003a23000e080005000400000008000800030000000600010002000000060002003300000008000b0073697000070006007368000014000300ffffffff000000000000000000000000240001800c00070034000000020000000a0006006c626c017200000008000800060000000c00038006000400fdff000058a64e36d80e2cb9777ba8d0a7be003156631e4b5a4a8f6008d01f9b015ceaaff3979c524b97a12952d0b3a164d9e32a4b3aa3ad8d232c91a3fef7c006afec3ffa498b2cfc03cf"], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/120, &(0x7f0000000080)=0x78)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xd, 0x3, 0x0, 0x0, 0x601, 0xffffffffffffffff, 0x40}, 0x48)
bind$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
socket(0x1f, 0x80000, 0xff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="9c000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fddbdf2509000000580001800800090031000000060004003a23000e080005000400000008000800030000000600010002000000060002003300000008000b0073697000070006007368000014000300ffffffff000000000000000000000000240001800c00070034000000020000000a0006006c626c017200000008000800060000000c00038006000400fdff000058a64e36d80e2cb9777ba8d0a7be003156631e4b5a4a8f6008d01f9b015ceaaff3979c524b97a12952d0b3a164d9e32a4b3aa3ad8d232c91a3fef7c006afec3ffa498b2cfc03cf"], 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) (async)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/120, &(0x7f0000000080)=0x78) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xd, 0x3, 0x0, 0x0, 0x601, 0xffffffffffffffff, 0x40}, 0x48) (async)
bind$bt_sco(r0, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) (async)

14:32:55 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080))
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000002c0))
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ee0267db", @ANYRES16=r0, @ANYBLOB="000426bd7000ffdbdf250500000008003100d70000000a000900000000000000000005002e0001000000080032000700000005002f000100000008002b0005000000"], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x810)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f0000000000)=[{0x3a, 0x3, 0x3b, 0xff}, {0x1, 0x9, 0xb1, 0x5}, {0x2, 0x6, 0x9, 0x1}, {0x1f, 0x3f, 0x80, 0x8e7}, {0xbd6, 0x5, 0xf6, 0x7}]})
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x20, 0x1f, @vifc_lcl_ifindex, @remote}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000002c0)) (async)
sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ee0267db", @ANYRES16=r0, @ANYBLOB="000426bd7000ffdbdf250500000008003100d70000000a000900000000000000000005002e0001000000080032000700000005002f000100000008002b0005000000"], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x810) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x5, &(0x7f0000000000)=[{0x3a, 0x3, 0x3b, 0xff}, {0x1, 0x9, 0xb1, 0x5}, {0x2, 0x6, 0x9, 0x1}, {0x1f, 0x3f, 0x80, 0x8e7}, {0xbd6, 0x5, 0xf6, 0x7}]}) (async)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff) (async)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x20, 0x1f, @vifc_lcl_ifindex, @remote}, 0x10) (async)

14:32:55 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 46)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:55 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x19000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1326.113833][T24600] FAULT_INJECTION: forcing a failure.
[ 1326.113833][T24600] name failslab, interval 1, probability 0, space 0, times 0
[ 1326.142494][T24600] CPU: 1 PID: 24600 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1326.154318][T24600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1326.164371][T24600] Call Trace:
[ 1326.167667][T24600]  dump_stack_lvl+0x1e2/0x24b
[ 1326.172354][T24600]  ? panic+0x7d7/0x7d7
[ 1326.176421][T24600]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1326.181902][T24600]  dump_stack+0x15/0x17
[ 1326.186058][T24600]  should_fail+0x3c0/0x510
[ 1326.190480][T24600]  __should_failslab+0x9f/0xe0
[ 1326.195247][T24600]  should_failslab+0x9/0x20
[ 1326.199742][T24600]  kmem_cache_alloc+0x3f/0x300
[ 1326.204516][T24600]  ? __kernfs_new_node+0xdb/0x6e0
[ 1326.209556][T24600]  __kernfs_new_node+0xdb/0x6e0
[ 1326.214411][T24600]  ? kernfs_new_node+0x170/0x170
[ 1326.219344][T24600]  ? __kasan_check_write+0x14/0x20
[ 1326.224447][T24600]  ? _raw_spin_lock+0xa3/0x1b0
[ 1326.229210][T24600]  ? __radix_tree_preload+0x361/0x3e0
[ 1326.234583][T24600]  kernfs_new_node+0x97/0x170
[ 1326.239253][T24600]  __kernfs_create_file+0x4a/0x270
[ 1326.244447][T24600]  sysfs_add_file_mode_ns+0x273/0x320
[ 1326.249902][T24600]  internal_create_group+0x55e/0xf50
[ 1326.255193][T24600]  ? sysfs_create_group+0x30/0x30
[ 1326.260211][T24600]  ? kernfs_put+0x48/0x540
[ 1326.264625][T24600]  ? kernfs_create_link+0x1a0/0x210
[ 1326.269819][T24600]  sysfs_create_groups+0x5d/0x130
[ 1326.274843][T24600]  device_add_attrs+0x8b/0x3e0
[ 1326.279604][T24600]  ? device_add_class_symlinks+0x27c/0x2a0
[ 1326.285667][T24600]  device_add+0x4e6/0xbd0
[ 1326.290002][T24600]  device_create+0x258/0x2e0
[ 1326.294594][T24600]  ? root_device_unregister+0x80/0x80
[ 1326.299962][T24600]  ? number+0xd9b/0x1040
[ 1326.304202][T24600]  bdi_register_va+0x94/0x600
[ 1326.308875][T24600]  bdi_register+0xd1/0x120
[ 1326.313288][T24600]  ? __device_add_disk+0x536/0x11d0
[ 1326.318484][T24600]  ? bdi_register_va+0x600/0x600
[ 1326.323417][T24600]  ? vsnprintf+0x1bfd/0x1cd0
[ 1326.328001][T24600]  ? __kasan_check_read+0x11/0x20
[ 1326.333019][T24600]  ? blk_alloc_devt+0xd4/0x320
[ 1326.337781][T24600]  __device_add_disk+0x5cb/0x11d0
[ 1326.342800][T24600]  ? device_add_disk+0x40/0x40
[ 1326.347562][T24600]  ? loop_add+0x380/0x760
[ 1326.351896][T24600]  ? vsprintf+0x40/0x40
[ 1326.356047][T24600]  device_add_disk+0x2a/0x40
[ 1326.360628][T24600]  loop_add+0x58f/0x760
[ 1326.364780][T24600]  loop_control_ioctl+0x564/0x740
[ 1326.369794][T24600]  ? loop_remove+0xb0/0xb0
[ 1326.374202][T24600]  ? __fget_files+0x310/0x370
[ 1326.378871][T24600]  ? security_file_ioctl+0xb1/0xd0
[ 1326.383986][T24600]  ? loop_remove+0xb0/0xb0
[ 1326.388394][T24600]  __se_sys_ioctl+0x115/0x190
[ 1326.393064][T24600]  __x64_sys_ioctl+0x7b/0x90
[ 1326.397647][T24600]  do_syscall_64+0x34/0x70
[ 1326.402058][T24600]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1326.407943][T24600] RIP: 0033:0x7f77b238e0d9
14:32:55 executing program 0:
r0 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$clear(0x7, r0)
keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0xffffffffffffffff)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:55 executing program 0:
r0 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$clear(0x7, r0)
keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0xffffffffffffffff) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:55 executing program 0:
r0 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$clear(0x7, r0)
keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0xffffffffffffffff) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:32:55 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x80, 0x80000003, 0x401, 0x1102, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0xe}, 0x48)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r0, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r6 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r7)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000007c0)={'ip_vti0\x00', &(0x7f0000000780)={'gretap0\x00', <r8=>r2, 0x7800, 0x1, 0x7fffffff, 0xfffffff9, {{0x7, 0x4, 0x1, 0x35, 0x1c, 0x66, 0x0, 0x8, 0x2f, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010100, {[@generic={0x86, 0x6, "91c8007c"}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_GET(r7, &(0x7f0000000a00)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000800)={0x1bc, 0x0, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4}, 0x10000880)
ioctl$RTC_UIE_OFF(r6, 0x7004)
ioctl$RTC_WIE_OFF(r6, 0x7010)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'tunl0\x00', <r9=>0x0, 0x20, 0x1, 0x8, 0x8000, {{0x10, 0x4, 0x0, 0x16, 0x40, 0x65, 0x0, 0x6, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, {[@rr={0x7, 0x2b, 0x2b, [@multicast2, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x27}, @private=0xa010101, @private=0xa010102, @multicast1, @private=0xa010100, @private=0xa010101, @multicast2, @empty]}]}}}}})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004080}, 0x40080)

14:32:55 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x80, 0x80000003, 0x401, 0x1102, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0xe}, 0x48)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 32)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async, rerun: 32)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r6 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r7)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000007c0)={'ip_vti0\x00', &(0x7f0000000780)={'gretap0\x00', <r8=>r2, 0x7800, 0x1, 0x7fffffff, 0xfffffff9, {{0x7, 0x4, 0x1, 0x35, 0x1c, 0x66, 0x0, 0x8, 0x2f, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010100, {[@generic={0x86, 0x6, "91c8007c"}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_GET(r7, &(0x7f0000000a00)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000800)={0x1bc, 0x0, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4}, 0x10000880) (async)
ioctl$RTC_UIE_OFF(r6, 0x7004)
ioctl$RTC_WIE_OFF(r6, 0x7010)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'tunl0\x00', <r9=>0x0, 0x20, 0x1, 0x8, 0x8000, {{0x10, 0x4, 0x0, 0x16, 0x40, 0x65, 0x0, 0x6, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, {[@rr={0x7, 0x2b, 0x2b, [@multicast2, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x27}, @private=0xa010101, @private=0xa010102, @multicast1, @private=0xa010100, @private=0xa010101, @multicast2, @empty]}]}}}}})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004080}, 0x40080)

[ 1326.412350][T24600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1326.431954][T24600] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1326.440368][T24600] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1326.448341][T24600] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1326.456315][T24600] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
14:32:55 executing program 5:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)={0x20, r3, 0x101, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}}, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f00000006c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10400900}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x414, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x1a0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "1fc474a7a490baeec58f78b50983e4f82faf439ef377015e8202686aab"}}, @TIPC_NLA_NODE_ID={0x13, 0x3, "4577e4e2eb5af8838a3ff1bdf243ae"}, @TIPC_NLA_NODE_ID={0xec, 0x3, "1121bf79bc9a82cf4f4e45b9fac0480cd9be7fa59b9d73c30d5d88f86e869a3e053e45fc751f32b353885c9c4ccf1da5c4586e257a7eeb77aede5fa97a892858e322c79f38e6419596116ab0e832bcb2cc8273b10635c958f20709491ec8da7aa8b7c7138a98e03c75a130650965bc3c25c8f9b33e3480757fe47c9ddd62631bee54f7808cdd99daa06af6eff5cf97c12d7a80ec6e5a93247bcb3ce6c909ed620da3492f34c640b268a91e0d6d238b82307ca9d58254a943f988387bd9bbe65cfe64f7388ed2daa9f887b551af52428238694f933426d33c8ae8bbb3e7b695f9ad5bc7e6b3d7595a"}, @TIPC_NLA_NODE_ID={0x3b, 0x3, "1a186970b3876fb8de3f557f7ae8a846c62093fb30b00ff34b9b6a4d7fbcfbaf80ec7f2372d69e58ef9a985dfb7f42556a06065b6f3e3b"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @private=0xa010100}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x80, @private2={0xfc, 0x2, '\x00', 0x1}, 0x64b}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x43}, 0x64eb}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'virt_wifi0\x00'}}]}, @TIPC_NLA_LINK={0x30, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x759f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}]}]}, @TIPC_NLA_BEARER={0xa4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00', 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x101, @loopback, 0xaf0}}}}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'veth0_vlan\x00'}}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0xc8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x16}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'eth', 0x3a, 'batadv_slave_1\x00'}}]}]}, 0x414}, 0x1, 0x0, 0x0, 0x4000840}, 0x44004) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f00000000c0)) (async)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1326.464368][T24600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1326.472330][T24600] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1326.483292][T24600] ------------[ cut here ]------------
[ 1326.489027][T24600] WARNING: CPU: 0 PID: 24600 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1326.525131][T24600] Modules linked in:
[ 1326.529163][T24600] CPU: 0 PID: 24600 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1326.540969][T24600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1326.551175][T24600] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1326.557137][T24600] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1326.577233][T24600] RSP: 0018:ffffc9000638fbc0 EFLAGS: 00010287
[ 1326.583360][T24600] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1326.591431][T24600] RDX: ffffc90001b10000 RSI: 000000000002c7fe RDI: 000000000002c7ff
[ 1326.599650][T24600] RBP: ffffc9000638fd08 R08: ffffffff82410506 R09: ffffc9000638f610
[ 1326.607676][T24600] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1326.615713][T24600] R13: ffff888110a50000 R14: ffff888110a57338 R15: ffff888110a57000
[ 1326.623825][T24600] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1326.633098][T24600] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1326.639740][T24600] CR2: 00007ffdc95dffc8 CR3: 000000010c92e000 CR4: 00000000003506a0
[ 1326.647738][T24600] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1326.655758][T24600] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1326.663745][T24600] Call Trace:
[ 1326.667187][T24600]  ? device_add_disk+0x40/0x40
[ 1326.671980][T24600]  ? loop_add+0x380/0x760
[ 1326.676435][T24600]  ? vsprintf+0x40/0x40
[ 1326.680705][T24600]  device_add_disk+0x2a/0x40
[ 1326.685292][T24600]  loop_add+0x58f/0x760
[ 1326.689484][T24600]  loop_control_ioctl+0x564/0x740
[ 1326.694519][T24600]  ? loop_remove+0xb0/0xb0
[ 1326.698959][T24600]  ? __fget_files+0x310/0x370
[ 1326.703778][T24600]  ? security_file_ioctl+0xb1/0xd0
[ 1326.708941][T24600]  ? loop_remove+0xb0/0xb0
[ 1326.713380][T24600]  __se_sys_ioctl+0x115/0x190
[ 1326.718088][T24600]  __x64_sys_ioctl+0x7b/0x90
[ 1326.722695][T24600]  do_syscall_64+0x34/0x70
[ 1326.727144][T24600]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1326.733044][T24600] RIP: 0033:0x7f77b238e0d9
[ 1326.737482][T24600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1326.757265][T24600] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1326.765723][T24600] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1326.773709][T24600] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1326.781787][T24600] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1326.789790][T24600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1326.797973][T24600] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1326.805991][T24600] ---[ end trace 36e3028cd67c66d6 ]---
[ 1326.850916][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:56 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r0=>0x0})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, r1, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, r1, 0x0, 0x1, &(0x7f0000000040)='\x00'}, 0x30) (async)

14:32:56 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x80, 0x80000003, 0x401, 0x1102, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0xe}, 0x48)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 32)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x54, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r6 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r7) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000007c0)={'ip_vti0\x00', &(0x7f0000000780)={'gretap0\x00', <r8=>r2, 0x7800, 0x1, 0x7fffffff, 0xfffffff9, {{0x7, 0x4, 0x1, 0x35, 0x1c, 0x66, 0x0, 0x8, 0x2f, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010100, {[@generic={0x86, 0x6, "91c8007c"}]}}}}})
sendmsg$ETHTOOL_MSG_DEBUG_GET(r7, &(0x7f0000000a00)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000800)={0x1bc, 0x0, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x4}, 0x10000880) (async)
ioctl$RTC_UIE_OFF(r6, 0x7004) (async)
ioctl$RTC_WIE_OFF(r6, 0x7010) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'tunl0\x00', <r9=>0x0, 0x20, 0x1, 0x8, 0x8000, {{0x10, 0x4, 0x0, 0x16, 0x40, 0x65, 0x0, 0x6, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, {[@rr={0x7, 0x2b, 0x2b, [@multicast2, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x27}, @private=0xa010101, @private=0xa010102, @multicast1, @private=0xa010100, @private=0xa010101, @multicast2, @empty]}]}}}}})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004080}, 0x40080)

14:32:56 executing program 2:
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETSGCNT(r0, 0x89e1, &(0x7f0000000b40)={@loopback, @multicast2})
syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0x20000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020028bd70006a9d7c86f0c1449aff9e85f3df93e9dbdf25050000000600280003000000080034000100008005000000000000000000000000000000000055344811ee8faefd460ebfc187ff90ee51afba7b7b26d838de95b2bf77532720c275160051ffab3a101cc184dad4f97c075fb5cfd76d6a355a6ae8d6f3f016089fb4e328429c9f818d296e14ee09a0f3c33c1396abc6b604048ddd3a6ce6cb3ef50ba7cbd6cec286dcca62dcbdd9b65d794c7a34d8c3fe7e240d0cef6b244928d4c610"], 0x3c}, 0x1, 0x0, 0x0, 0x20004084}, 0x4040)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:56 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 47)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:56 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1a000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1327.068539][T24646] FAULT_INJECTION: forcing a failure.
[ 1327.068539][T24646] name failslab, interval 1, probability 0, space 0, times 0
[ 1327.083687][T24646] CPU: 1 PID: 24646 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1327.095408][T24646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1327.105466][T24646] Call Trace:
[ 1327.108757][T24646]  dump_stack_lvl+0x1e2/0x24b
[ 1327.113438][T24646]  ? panic+0x7d7/0x7d7
14:32:56 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x0, 0x0, 0x0, 0x80, 0xffffffffffffffff, 0xb9c, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x80000001, 0x400, 0x200, 0x489, r0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', <r2=>0x0})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYBLOB="b8aaef14b473a06f347a7c45bc642628b16a9525ee82cc2d62b7a25a57767d8219371a", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, 0x0)
connect$bt_sco(r3, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0x8, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x1, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @exit]}, &(0x7f00000004c0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x41100, 0xd, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x4, 0x4, 0x7, 0x9}, 0x10}, 0x80)
r4 = syz_open_dev$vcsu(&(0x7f0000000640), 0x7fffffff, 0x0)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), r3)
sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x64, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xfff}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1a, 0xbe56, 0x0, 0x4a39fb10, 0x60a, r0, 0xa2e9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r6=>0x0})
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
pipe2$watch_queue(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r9, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
connect$bt_sco(r9, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r10 = syz_open_dev$vcsu(&(0x7f0000000240), 0x0, 0x8000)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x8, 0x80)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x80)
r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000c00), r8)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0x9c, r13, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x75}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x2000c889}, 0x24000800)
sendmsg$IPVS_CMD_DEL_DAEMON(r12, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r12, 0x89f1, 0x0)
connect$bt_sco(r12, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x100}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2ad, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0xd, 0x5, 0x0, 0x5}, @generic={0x80, 0x3, 0x2, 0xf0e, 0x10001}, @call={0x85, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x81}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x38}]}, &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x3, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000140)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x2, 0xa, 0x7fff, 0x80000001}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0, r0, r0, r9, r0, r10, r11, r12, 0x1, r0]}, 0x80)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), r4)
sendmsg$TIPC_NL_MEDIA_SET(r11, &(0x7f0000000b80)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b40)={&(0x7f00000008c0)={0x25c, r14, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x7c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8ca7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x600}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xee}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}]}]}, @TIPC_NLA_NODE={0xf8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xe4, 0x3, "545cd3d7f90ea9ddc64e73e0754252aa8edc8b7ae6dcb02ec4b7f207c013d3820d72c8a258169c24e7a05c60aa0a66993657df2e405ff3716b424089eb295aa19a86f78914a09a4b32073bdc141e77a8a1587f8041d4079e5e9ebdd710d3fa46202306b4b044463ec04a4b3166e1996cb931844e53c1092cd6f8e14c5bde9930eacb3023e9c6c226bbd2934e93448b9984d2350e322716d94e8cace32c0b20093c0aa062a21a8f048e9c502db17787ba4a73dcbe96b86eafcaa8e7074e3c6d96b25f78ee4d59d911fb7e4d4c5affa4bc7252d75340058e1f03959bff413672b5"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x34, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbff6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}]}, 0x25c}, 0x1, 0x0, 0x0, 0x80000}, 0x1000)

14:32:56 executing program 2:
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETSGCNT(r0, 0x89e1, &(0x7f0000000b40)={@loopback, @multicast2})
syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0x20000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020028bd70006a9d7c86f0c1449aff9e85f3df93e9dbdf25050000000600280003000000080034000100008005000000000000000000000000000000000055344811ee8faefd460ebfc187ff90ee51afba7b7b26d838de95b2bf77532720c275160051ffab3a101cc184dad4f97c075fb5cfd76d6a355a6ae8d6f3f016089fb4e328429c9f818d296e14ee09a0f3c33c1396abc6b604048ddd3a6ce6cb3ef50ba7cbd6cec286dcca62dcbdd9b65d794c7a34d8c3fe7e240d0cef6b244928d4c610"], 0x3c}, 0x1, 0x0, 0x0, 0x20004084}, 0x4040)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
socket$igmp(0x2, 0x3, 0x2) (async)
ioctl$SIOCGETSGCNT(r0, 0x89e1, &(0x7f0000000b40)={@loopback, @multicast2}) (async)
syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0x20000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020028bd70006a9d7c86f0c1449aff9e85f3df93e9dbdf25050000000600280003000000080034000100008005000000000000000000000000000000000055344811ee8faefd460ebfc187ff90ee51afba7b7b26d838de95b2bf77532720c275160051ffab3a101cc184dad4f97c075fb5cfd76d6a355a6ae8d6f3f016089fb4e328429c9f818d296e14ee09a0f3c33c1396abc6b604048ddd3a6ce6cb3ef50ba7cbd6cec286dcca62dcbdd9b65d794c7a34d8c3fe7e240d0cef6b244928d4c610"], 0x3c}, 0x1, 0x0, 0x0, 0x20004084}, 0x4040) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)

14:32:56 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x0, 0x0, 0x0, 0x80, 0xffffffffffffffff, 0xb9c, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x80000001, 0x400, 0x200, 0x489, r0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x48) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', <r2=>0x0})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYBLOB="b8aaef14b473a06f347a7c45bc642628b16a9525ee82cc2d62b7a25a57767d8219371a", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, 0x0) (async)
connect$bt_sco(r3, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0x8, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x1, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @exit]}, &(0x7f00000004c0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x41100, 0xd, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x4, 0x4, 0x7, 0x9}, 0x10}, 0x80)
r4 = syz_open_dev$vcsu(&(0x7f0000000640), 0x7fffffff, 0x0) (async)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), r3)
sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x64, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xfff}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1a, 0xbe56, 0x0, 0x4a39fb10, 0x60a, r0, 0xa2e9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r6=>0x0})
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80) (async)
pipe2$watch_queue(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r9, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, 0x0) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
connect$bt_sco(r9, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000240), 0x0, 0x8000)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x8, 0x80)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x80) (async)
r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000c00), r8)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0x9c, r13, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x75}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x2000c889}, 0x24000800) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r12, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r12, 0x89f1, 0x0) (async)
connect$bt_sco(r12, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x100}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2ad, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0xd, 0x5, 0x0, 0x5}, @generic={0x80, 0x3, 0x2, 0xf0e, 0x10001}, @call={0x85, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x81}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x38}]}, &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x3, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000140)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x2, 0xa, 0x7fff, 0x80000001}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0, r0, r0, r9, r0, r10, r11, r12, 0x1, r0]}, 0x80) (async)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), r4)
sendmsg$TIPC_NL_MEDIA_SET(r11, &(0x7f0000000b80)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b40)={&(0x7f00000008c0)={0x25c, r14, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x7c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8ca7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x600}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xee}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}]}]}, @TIPC_NLA_NODE={0xf8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xe4, 0x3, "545cd3d7f90ea9ddc64e73e0754252aa8edc8b7ae6dcb02ec4b7f207c013d3820d72c8a258169c24e7a05c60aa0a66993657df2e405ff3716b424089eb295aa19a86f78914a09a4b32073bdc141e77a8a1587f8041d4079e5e9ebdd710d3fa46202306b4b044463ec04a4b3166e1996cb931844e53c1092cd6f8e14c5bde9930eacb3023e9c6c226bbd2934e93448b9984d2350e322716d94e8cace32c0b20093c0aa062a21a8f048e9c502db17787ba4a73dcbe96b86eafcaa8e7074e3c6d96b25f78ee4d59d911fb7e4d4c5affa4bc7252d75340058e1f03959bff413672b5"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x34, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbff6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}]}, 0x25c}, 0x1, 0x0, 0x0, 0x80000}, 0x1000)

14:32:56 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x0, 0x0, 0x0, 0x80, 0xffffffffffffffff, 0xb9c, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x80000001, 0x400, 0x200, 0x489, r0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x48) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', <r2=>0x0})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYBLOB="b8aaef14b473a06f347a7c45bc642628b16a9525ee82cc2d62b7a25a57767d8219371a", @ANYRES16=0x0, @ANYBLOB="000826bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x8000) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, 0x0) (async, rerun: 64)
connect$bt_sco(r3, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0x8, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x1, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @exit]}, &(0x7f00000004c0)='syzkaller\x00', 0x7fff, 0x0, 0x0, 0x41100, 0xd, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000580)={0x4, 0x4, 0x7, 0x9}, 0x10}, 0x80) (async, rerun: 64)
r4 = syz_open_dev$vcsu(&(0x7f0000000640), 0x7fffffff, 0x0)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000006c0), r3)
sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x64, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xfff}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1a, 0xbe56, 0x0, 0x4a39fb10, 0x60a, r0, 0xa2e9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x5}, 0x48) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r6=>0x0}) (async, rerun: 64)
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80) (async)
pipe2$watch_queue(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r9, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
connect$bt_sco(r9, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000240), 0x0, 0x8000) (async)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x8, 0x80) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x80) (async)
r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000c00), r8)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0x9c, r13, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x75}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x2000c889}, 0x24000800) (async, rerun: 32)
sendmsg$IPVS_CMD_DEL_DAEMON(r12, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r12, 0x89f1, 0x0) (async)
connect$bt_sco(r12, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x100}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2ad, 0x0, 0x0, 0x0, 0x7}, @map_idx={0x18, 0xd, 0x5, 0x0, 0x5}, @generic={0x80, 0x3, 0x2, 0xf0e, 0x10001}, @call={0x85, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0x81}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x38}]}, &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x3, '\x00', r6, 0x0, r7, 0x8, &(0x7f0000000140)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x2, 0xa, 0x7fff, 0x80000001}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0, r0, r0, r9, r0, r10, r11, r12, 0x1, r0]}, 0x80) (async)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), r4)
sendmsg$TIPC_NL_MEDIA_SET(r11, &(0x7f0000000b80)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b40)={&(0x7f00000008c0)={0x25c, r14, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x7c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x20}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8ca7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10000}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x600}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xee}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}]}]}, @TIPC_NLA_NODE={0xf8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xe4, 0x3, "545cd3d7f90ea9ddc64e73e0754252aa8edc8b7ae6dcb02ec4b7f207c013d3820d72c8a258169c24e7a05c60aa0a66993657df2e405ff3716b424089eb295aa19a86f78914a09a4b32073bdc141e77a8a1587f8041d4079e5e9ebdd710d3fa46202306b4b044463ec04a4b3166e1996cb931844e53c1092cd6f8e14c5bde9930eacb3023e9c6c226bbd2934e93448b9984d2350e322716d94e8cace32c0b20093c0aa062a21a8f048e9c502db17787ba4a73dcbe96b86eafcaa8e7074e3c6d96b25f78ee4d59d911fb7e4d4c5affa4bc7252d75340058e1f03959bff413672b5"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x80}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x34, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xbff6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}]}, 0x25c}, 0x1, 0x0, 0x0, 0x80000}, 0x1000)

[ 1327.117504][T24646]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1327.123136][T24646]  dump_stack+0x15/0x17
[ 1327.127297][T24646]  should_fail+0x3c0/0x510
[ 1327.131718][T24646]  __should_failslab+0x9f/0xe0
[ 1327.136484][T24646]  should_failslab+0x9/0x20
[ 1327.140987][T24646]  kmem_cache_alloc+0x3f/0x300
[ 1327.145749][T24646]  ? __kernfs_new_node+0xdb/0x6e0
[ 1327.150773][T24646]  __kernfs_new_node+0xdb/0x6e0
[ 1327.155623][T24646]  ? kernfs_new_node+0x170/0x170
[ 1327.160564][T24646]  ? __kasan_check_write+0x14/0x20
14:32:56 executing program 0:
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000040)={'sit0\x00', <r0=>0x0, 0x7, 0x40, 0xfa, 0x2, {{0x31, 0x4, 0x0, 0x1c, 0xc4, 0x66, 0x0, 0xf9, 0x4, 0x0, @broadcast, @remote, {[@lsrr={0x83, 0x17, 0x53, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @rand_addr=0x64010100, @multicast2]}, @end, @ra={0x94, 0x4}, @generic={0x89, 0x5, "de84a9"}, @end, @timestamp={0x44, 0xc, 0x5f, 0x0, 0xa, [0xfffffffa, 0x20]}, @timestamp_addr={0x44, 0x34, 0x6, 0x1, 0x0, [{@empty, 0x7}, {@loopback, 0xfffffff9}, {@private=0xa010101, 0x5}, {@private=0xa010102, 0x1}, {@multicast1, 0x1f}, {@rand_addr=0x64010100, 0x4}]}, @ssrr={0x89, 0x23, 0xd9, [@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @multicast1, @local, @rand_addr=0x64010101, @rand_addr=0x64010101, @multicast1]}, @timestamp_addr={0x44, 0x14, 0x27, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3ff}, {@empty, 0x7}]}, @timestamp_addr={0x44, 0x14, 0xc2, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7fff}, {@dev={0xac, 0x14, 0x14, 0x12}, 0x6}]}]}}}}})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x7f, 0x850, 0x7, 0x0, 0xffffffffffffffff, 0x80000000, '\x00', r0, r1, 0x4, 0x0, 0x4, 0xd}, 0x48)

14:32:56 executing program 0:
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000040)={'sit0\x00', <r0=>0x0, 0x7, 0x40, 0xfa, 0x2, {{0x31, 0x4, 0x0, 0x1c, 0xc4, 0x66, 0x0, 0xf9, 0x4, 0x0, @broadcast, @remote, {[@lsrr={0x83, 0x17, 0x53, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @rand_addr=0x64010100, @multicast2]}, @end, @ra={0x94, 0x4}, @generic={0x89, 0x5, "de84a9"}, @end, @timestamp={0x44, 0xc, 0x5f, 0x0, 0xa, [0xfffffffa, 0x20]}, @timestamp_addr={0x44, 0x34, 0x6, 0x1, 0x0, [{@empty, 0x7}, {@loopback, 0xfffffff9}, {@private=0xa010101, 0x5}, {@private=0xa010102, 0x1}, {@multicast1, 0x1f}, {@rand_addr=0x64010100, 0x4}]}, @ssrr={0x89, 0x23, 0xd9, [@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @multicast1, @local, @rand_addr=0x64010101, @rand_addr=0x64010101, @multicast1]}, @timestamp_addr={0x44, 0x14, 0x27, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3ff}, {@empty, 0x7}]}, @timestamp_addr={0x44, 0x14, 0xc2, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7fff}, {@dev={0xac, 0x14, 0x14, 0x12}, 0x6}]}]}}}}})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x7f, 0x850, 0x7, 0x0, 0xffffffffffffffff, 0x80000000, '\x00', r0, r1, 0x4, 0x0, 0x4, 0xd}, 0x48)

[ 1327.165673][T24646]  ? _raw_spin_lock+0xa3/0x1b0
[ 1327.170443][T24646]  ? __radix_tree_preload+0x361/0x3e0
[ 1327.175811][T24646]  kernfs_new_node+0x97/0x170
[ 1327.180486][T24646]  __kernfs_create_file+0x4a/0x270
[ 1327.185590][T24646]  sysfs_add_file_mode_ns+0x273/0x320
[ 1327.190948][T24646]  internal_create_group+0x55e/0xf50
[ 1327.196223][T24646]  ? sysfs_create_group+0x30/0x30
[ 1327.201232][T24646]  ? kernfs_put+0x48/0x540
[ 1327.205619][T24646]  ? kernfs_create_link+0x1a0/0x210
[ 1327.210786][T24646]  sysfs_create_groups+0x5d/0x130
[ 1327.215798][T24646]  device_add_attrs+0x8b/0x3e0
[ 1327.220555][T24646]  ? device_add_class_symlinks+0x27c/0x2a0
[ 1327.226346][T24646]  device_add+0x4e6/0xbd0
[ 1327.230656][T24646]  device_create+0x258/0x2e0
[ 1327.235216][T24646]  ? root_device_unregister+0x80/0x80
[ 1327.240557][T24646]  ? number+0xd9b/0x1040
[ 1327.244769][T24646]  bdi_register_va+0x94/0x600
[ 1327.249413][T24646]  bdi_register+0xd1/0x120
[ 1327.253802][T24646]  ? __device_add_disk+0x536/0x11d0
[ 1327.258970][T24646]  ? bdi_register_va+0x600/0x600
[ 1327.263875][T24646]  ? vsnprintf+0x1bfd/0x1cd0
[ 1327.268433][T24646]  ? __kasan_check_read+0x11/0x20
[ 1327.273428][T24646]  ? blk_alloc_devt+0xd4/0x320
[ 1327.278161][T24646]  __device_add_disk+0x5cb/0x11d0
[ 1327.283168][T24646]  ? device_add_disk+0x40/0x40
[ 1327.287903][T24646]  ? loop_add+0x380/0x760
[ 1327.292200][T24646]  ? vsprintf+0x40/0x40
[ 1327.296327][T24646]  device_add_disk+0x2a/0x40
[ 1327.300904][T24646]  loop_add+0x58f/0x760
[ 1327.305032][T24646]  loop_control_ioctl+0x564/0x740
[ 1327.310026][T24646]  ? loop_remove+0xb0/0xb0
[ 1327.314421][T24646]  ? __fget_files+0x310/0x370
[ 1327.319069][T24646]  ? security_file_ioctl+0xb1/0xd0
[ 1327.324158][T24646]  ? loop_remove+0xb0/0xb0
[ 1327.328545][T24646]  __se_sys_ioctl+0x115/0x190
[ 1327.333201][T24646]  __x64_sys_ioctl+0x7b/0x90
[ 1327.337768][T24646]  do_syscall_64+0x34/0x70
[ 1327.342162][T24646]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1327.348034][T24646] RIP: 0033:0x7f77b238e0d9
[ 1327.352428][T24646] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1327.372015][T24646] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1327.380406][T24646] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1327.388358][T24646] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1327.396300][T24646] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1327.404243][T24646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1327.412185][T24646] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1327.420567][T24646] ------------[ cut here ]------------
[ 1327.426681][T24646] WARNING: CPU: 0 PID: 24646 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1327.435860][T24646] Modules linked in:
[ 1327.439804][T24646] CPU: 0 PID: 24646 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1327.451638][T24646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1327.461936][T24646] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1327.467834][T24646] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1327.487890][T24646] RSP: 0018:ffffc9000627fbc0 EFLAGS: 00010287
[ 1327.494039][T24646] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1327.502111][T24646] RDX: ffffc90001b10000 RSI: 0000000000031e34 RDI: 0000000000031e35
[ 1327.510199][T24646] RBP: ffffc9000627fd08 R08: ffffffff82410506 R09: ffffc9000627f610
[ 1327.518266][T24646] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1327.526333][T24646] R13: ffff88811d1a0000 R14: ffff88812bad1338 R15: ffff88812bad1000
[ 1327.534311][T24646] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1327.543746][T24646] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1327.550885][T24646] CR2: 00007ffda4912c08 CR3: 0000000115fce000 CR4: 00000000003506b0
[ 1327.558972][T24646] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1327.567015][T24646] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1327.575318][T24646] Call Trace:
[ 1327.578977][T24646]  ? device_add_disk+0x40/0x40
[ 1327.583762][T24646]  ? loop_add+0x380/0x760
[ 1327.588341][T24646]  ? vsprintf+0x40/0x40
[ 1327.592479][T24646]  device_add_disk+0x2a/0x40
[ 1327.597076][T24646]  loop_add+0x58f/0x760
[ 1327.601224][T24646]  loop_control_ioctl+0x564/0x740
[ 1327.606257][T24646]  ? loop_remove+0xb0/0xb0
[ 1327.610664][T24646]  ? __fget_files+0x310/0x370
[ 1327.615310][T24646]  ? security_file_ioctl+0xb1/0xd0
[ 1327.620424][T24646]  ? loop_remove+0xb0/0xb0
[ 1327.624825][T24646]  __se_sys_ioctl+0x115/0x190
[ 1327.629508][T24646]  __x64_sys_ioctl+0x7b/0x90
[ 1327.634088][T24646]  do_syscall_64+0x34/0x70
[ 1327.638509][T24646]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1327.644391][T24646] RIP: 0033:0x7f77b238e0d9
[ 1327.648810][T24646] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1327.668426][T24646] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1327.676861][T24646] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1327.684825][T24646] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1327.692861][T24646] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1327.700851][T24646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1327.708826][T24646] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1327.716914][T24646] ---[ end trace 36e3028cd67c66d7 ]---
[ 1327.746915][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:32:59 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x16}]})
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000040)='bic\x00', 0x4)
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r1)

14:32:59 executing program 0:
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000040)={'sit0\x00', <r0=>0x0, 0x7, 0x40, 0xfa, 0x2, {{0x31, 0x4, 0x0, 0x1c, 0xc4, 0x66, 0x0, 0xf9, 0x4, 0x0, @broadcast, @remote, {[@lsrr={0x83, 0x17, 0x53, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @rand_addr=0x64010100, @multicast2]}, @end, @ra={0x94, 0x4}, @generic={0x89, 0x5, "de84a9"}, @end, @timestamp={0x44, 0xc, 0x5f, 0x0, 0xa, [0xfffffffa, 0x20]}, @timestamp_addr={0x44, 0x34, 0x6, 0x1, 0x0, [{@empty, 0x7}, {@loopback, 0xfffffff9}, {@private=0xa010101, 0x5}, {@private=0xa010102, 0x1}, {@multicast1, 0x1f}, {@rand_addr=0x64010100, 0x4}]}, @ssrr={0x89, 0x23, 0xd9, [@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @multicast1, @local, @rand_addr=0x64010101, @rand_addr=0x64010101, @multicast1]}, @timestamp_addr={0x44, 0x14, 0x27, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3ff}, {@empty, 0x7}]}, @timestamp_addr={0x44, 0x14, 0xc2, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7fff}, {@dev={0xac, 0x14, 0x14, 0x12}, 0x6}]}]}}}}}) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x7f, 0x850, 0x7, 0x0, 0xffffffffffffffff, 0x80000000, '\x00', r0, r1, 0x4, 0x0, 0x4, 0xd}, 0x48)

14:32:59 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1b000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:32:59 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 48)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:32:59 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000000)={0x3b})

14:32:59 executing program 2:
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETSGCNT(r0, 0x89e1, &(0x7f0000000b40)={@loopback, @multicast2})
syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0x20000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020028bd70006a9d7c86f0c1449aff9e85f3df93e9dbdf25050000000600280003000000080034000100008005000000000000000000000000000000000055344811ee8faefd460ebfc187ff90ee51afba7b7b26d838de95b2bf77532720c275160051ffab3a101cc184dad4f97c075fb5cfd76d6a355a6ae8d6f3f016089fb4e328429c9f818d296e14ee09a0f3c33c1396abc6b604048ddd3a6ce6cb3ef50ba7cbd6cec286dcca62dcbdd9b65d794c7a34d8c3fe7e240d0cef6b244928d4c610"], 0x3c}, 0x1, 0x0, 0x0, 0x20004084}, 0x4040) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:32:59 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000000)={0x3b})

14:32:59 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x6}, 0x48)

14:32:59 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1c000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1329.865795][T24688] FAULT_INJECTION: forcing a failure.
[ 1329.865795][T24688] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1329.883637][   T23] kauditd_printk_skb: 16 callbacks suppressed
[ 1329.883649][   T23] audit: type=1326 audit(1669991579.329:1901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24684 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1329.884528][T24688] CPU: 1 PID: 24688 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1329.924832][T24688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1329.934868][T24688] Call Trace:
[ 1329.938150][T24688]  dump_stack_lvl+0x1e2/0x24b
[ 1329.942811][T24688]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1329.948248][T24688]  ? is_bpf_text_address+0x1a2/0x1c0
[ 1329.953510][T24688]  dump_stack+0x15/0x17
[ 1329.957663][T24688]  should_fail+0x3c0/0x510
[ 1329.962065][T24688]  should_fail_alloc_page+0x50/0x60
[ 1329.967237][T24688]  __alloc_pages_nodemask+0x1c0/0x890
[ 1329.972587][T24688]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1329.978111][T24688]  allocate_slab+0x78/0x540
[ 1329.982590][T24688]  ___slab_alloc+0x131/0x2e0
[ 1329.987161][T24688]  ? __kernfs_new_node+0xdb/0x6e0
[ 1329.992162][T24688]  __slab_alloc+0x63/0xa0
[ 1329.996467][T24688]  ? __kernfs_new_node+0xdb/0x6e0
[ 1330.001466][T24688]  kmem_cache_alloc+0x1ef/0x300
[ 1330.006294][T24688]  ? __kernfs_new_node+0xdb/0x6e0
[ 1330.011295][T24688]  __kernfs_new_node+0xdb/0x6e0
[ 1330.016151][T24688]  ? kernfs_new_node+0x170/0x170
[ 1330.021075][T24688]  ? __kasan_check_write+0x14/0x20
[ 1330.026172][T24688]  ? _raw_spin_lock+0xa3/0x1b0
[ 1330.030915][T24688]  ? __radix_tree_preload+0x361/0x3e0
[ 1330.036363][T24688]  kernfs_new_node+0x97/0x170
[ 1330.041019][T24688]  __kernfs_create_file+0x4a/0x270
[ 1330.046107][T24688]  sysfs_add_file_mode_ns+0x273/0x320
[ 1330.051457][T24688]  internal_create_group+0x55e/0xf50
[ 1330.056722][T24688]  ? sysfs_create_group+0x30/0x30
[ 1330.061748][T24688]  ? kernfs_put+0x48/0x540
[ 1330.066143][T24688]  ? kernfs_create_link+0x1a0/0x210
[ 1330.071321][T24688]  sysfs_create_groups+0x5d/0x130
[ 1330.076321][T24688]  device_add_attrs+0x8b/0x3e0
[ 1330.081065][T24688]  ? device_add_class_symlinks+0x27c/0x2a0
[ 1330.086851][T24688]  device_add+0x4e6/0xbd0
[ 1330.091189][T24688]  device_create+0x258/0x2e0
[ 1330.095755][T24688]  ? root_device_unregister+0x80/0x80
[ 1330.101102][T24688]  ? number+0xd9b/0x1040
[ 1330.105408][T24688]  bdi_register_va+0x94/0x600
[ 1330.110059][T24688]  bdi_register+0xd1/0x120
[ 1330.114455][T24688]  ? __device_add_disk+0x536/0x11d0
[ 1330.119632][T24688]  ? bdi_register_va+0x600/0x600
[ 1330.124545][T24688]  ? vsnprintf+0x1bfd/0x1cd0
[ 1330.129113][T24688]  ? __kasan_check_read+0x11/0x20
[ 1330.134292][T24688]  ? blk_alloc_devt+0xd4/0x320
[ 1330.139034][T24688]  __device_add_disk+0x5cb/0x11d0
[ 1330.144037][T24688]  ? device_add_disk+0x40/0x40
[ 1330.148776][T24688]  ? loop_add+0x380/0x760
[ 1330.153083][T24688]  ? vsprintf+0x40/0x40
[ 1330.157217][T24688]  device_add_disk+0x2a/0x40
[ 1330.161782][T24688]  loop_add+0x58f/0x760
[ 1330.165924][T24688]  loop_control_ioctl+0x564/0x740
[ 1330.170925][T24688]  ? loop_remove+0xb0/0xb0
[ 1330.175322][T24688]  ? __fget_files+0x310/0x370
[ 1330.179974][T24688]  ? security_file_ioctl+0xb1/0xd0
[ 1330.185063][T24688]  ? loop_remove+0xb0/0xb0
[ 1330.189456][T24688]  __se_sys_ioctl+0x115/0x190
[ 1330.194113][T24688]  __x64_sys_ioctl+0x7b/0x90
[ 1330.198682][T24688]  do_syscall_64+0x34/0x70
[ 1330.203077][T24688]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1330.208945][T24688] RIP: 0033:0x7f77b238e0d9
[ 1330.213343][T24688] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1330.232925][T24688] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1330.241320][T24688] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1330.249358][T24688] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1330.257319][T24688] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
14:32:59 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x6}, 0x48)

14:32:59 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="e2942b36381e24000000", @ANYRES16=r1, @ANYBLOB="01000000000000001b000008009a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r4)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="00012abd7000fddbdf25090000000800040005000000080005002a0700005400028008000700ff0000000800050001040000080003000400000008000500ff7f0000060002004e200000080003000200000008000700d505000005000d00000000000800050007000000060002004e2300000800050006000000080005001247142b140003800600040001010000080001000200000008000500000000003400018008000500040000000c000700340000001a000000090006006e6f6e6500000000080008000300000008000b0073697000080004007f000000"], 0xe0}, 0x1, 0x0, 0x0, 0x4}, 0x20004000)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r5)
sendmsg$NL80211_CMD_GET_KEY(r5, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x70, r1, 0x8, 0x74bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d8c497ba6e975a13f1e493aa0e"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "4f15fe4f4cf378f3a6a6ce9bc0"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x2c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x200440d0}, 0x40000c0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40810}, 0x8005)

14:32:59 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x6}, 0x48)

[ 1330.265266][T24688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1330.273215][T24688] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1330.288511][   T23] audit: type=1326 audit(1669991579.729:1902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24692 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1330.334187][   T23] audit: type=1326 audit(1669991579.739:1903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24692 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
[ 1330.359341][   T23] audit: type=1326 audit(1669991579.779:1904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24692 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1330.394339][   T23] audit: type=1326 audit(1669991579.839:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24705 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1330.447351][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:33:00 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x16}]}) (async, rerun: 32)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000040)='bic\x00', 0x4) (async, rerun: 32)
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x6) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async, rerun: 32)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r1) (rerun: 32)

14:33:00 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000000)={0x3b})

14:33:00 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1d000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:00 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', <r0=>0x0})
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r4, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r7 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r7, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r8, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xf0, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x28080}, 0x48)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r7)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000340)={0x44, r10, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000041}, 0x800)

14:33:00 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 49)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:00 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1e000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:00 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0)
[ 1330.617074][T24715] FAULT_INJECTION: forcing a failure.
[ 1330.617074][T24715] name failslab, interval 1, probability 0, space 0, times 0
[ 1330.631302][T24715] CPU: 0 PID: 24715 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1330.643024][T24715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1330.653075][T24715] Call Trace:
[ 1330.656368][T24715]  dump_stack_lvl+0x1e2/0x24b
[ 1330.661055][T24715]  ? panic+0x7d7/0x7d7
[ 1330.665206][T24715]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1330.670670][T24715]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1330.676738][T24715]  dump_stack+0x15/0x17
[ 1330.680892][T24715]  should_fail+0x3c0/0x510
[ 1330.685302][T24715]  __should_failslab+0x9f/0xe0
[ 1330.690231][T24715]  should_failslab+0x9/0x20
[ 1330.694724][T24715]  kmem_cache_alloc+0x3f/0x300
[ 1330.699487][T24715]  ? __kernfs_new_node+0xdb/0x6e0
[ 1330.704513][T24715]  __kernfs_new_node+0xdb/0x6e0
[ 1330.709360][T24715]  ? __kasan_check_write+0x14/0x20
[ 1330.714459][T24715]  ? mutex_lock+0xb2/0x1e0
[ 1330.718866][T24715]  ? mutex_trylock+0x180/0x180
[ 1330.723618][T24715]  ? kernfs_new_node+0x170/0x170
[ 1330.728545][T24715]  ? __kasan_check_write+0x14/0x20
[ 1330.733651][T24715]  ? mutex_unlock+0x29/0xf0
[ 1330.738146][T24715]  ? kernfs_activate+0x409/0x420
[ 1330.743174][T24715]  kernfs_new_node+0x97/0x170
[ 1330.747859][T24715]  __kernfs_create_file+0x4a/0x270
[ 1330.752969][T24715]  sysfs_add_file_mode_ns+0x273/0x320
[ 1330.758341][T24715]  internal_create_group+0x55e/0xf50
[ 1330.763633][T24715]  ? sysfs_create_group+0x30/0x30
[ 1330.768643][T24715]  ? kernfs_put+0x48/0x540
[ 1330.773055][T24715]  ? kernfs_create_link+0x1a0/0x210
[ 1330.778265][T24715]  sysfs_create_groups+0x5d/0x130
[ 1330.783276][T24715]  device_add_attrs+0x8b/0x3e0
[ 1330.788014][T24715]  ? device_add_class_symlinks+0x27c/0x2a0
[ 1330.793794][T24715]  device_add+0x4e6/0xbd0
[ 1330.798108][T24715]  device_create+0x258/0x2e0
[ 1330.802669][T24715]  ? root_device_unregister+0x80/0x80
[ 1330.808011][T24715]  ? number+0xd9b/0x1040
[ 1330.812225][T24715]  bdi_register_va+0x94/0x600
[ 1330.816873][T24715]  bdi_register+0xd1/0x120
[ 1330.821260][T24715]  ? __device_add_disk+0x536/0x11d0
[ 1330.826424][T24715]  ? bdi_register_va+0x600/0x600
[ 1330.831331][T24715]  ? vsnprintf+0x1bfd/0x1cd0
[ 1330.835889][T24715]  ? __kasan_check_read+0x11/0x20
[ 1330.840882][T24715]  ? blk_alloc_devt+0xd4/0x320
[ 1330.845615][T24715]  __device_add_disk+0x5cb/0x11d0
[ 1330.850610][T24715]  ? device_add_disk+0x40/0x40
[ 1330.855340][T24715]  ? loop_add+0x380/0x760
[ 1330.859654][T24715]  ? vsprintf+0x40/0x40
[ 1330.863780][T24715]  device_add_disk+0x2a/0x40
[ 1330.868342][T24715]  loop_add+0x58f/0x760
[ 1330.872472][T24715]  loop_control_ioctl+0x564/0x740
[ 1330.877463][T24715]  ? loop_remove+0xb0/0xb0
[ 1330.881849][T24715]  ? __fget_files+0x310/0x370
[ 1330.886498][T24715]  ? security_file_ioctl+0xb1/0xd0
[ 1330.891603][T24715]  ? loop_remove+0xb0/0xb0
[ 1330.895992][T24715]  __se_sys_ioctl+0x115/0x190
[ 1330.900726][T24715]  __x64_sys_ioctl+0x7b/0x90
[ 1330.905286][T24715]  do_syscall_64+0x34/0x70
[ 1330.909674][T24715]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1330.915535][T24715] RIP: 0033:0x7f77b238e0d9
[ 1330.919925][T24715] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1330.939498][T24715] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1330.947880][T24715] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1330.955825][T24715] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000002180)={&(0x7f0000002200)={0x20a8, r2, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x40, 0x6b}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x1f}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x286}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}], @NL80211_ATTR_CSA_IES={0x1360, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0x278, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x69, 0x2, "3a4f1323d6d5e79f353e199bc7b3538a21c2e1ed1d3efe7abd81ba6091fff072ebd4e973db5e6764b06d61a52c70a11a6e86e58b0a1dd4cb2106b264132b32732c7c904d5b072c7c2015f9acb604cf8e4fcf81e3240871623a95491a2463bcdb190a7539b1"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x83, 0x3, "2a0de473d5ca5a521411cda2d23d91939583743356f2d53f581f9dedb0f4343f334526bc7b148e197e5b99a8b227d31324f01562e7d7507ea241cf002da85fbf7284c65995cb9d478e02d952fe35008490ee6f57e58711f31a8cd2e1acf54ab7f4b058e3c78e32cdfece2ac3f0685b48ce3e3a6539e8fb390a1b4757abf1bd"}, @NL80211_FTM_RESP_ATTR_LCI={0xdb, 0x2, "a479ec7af5d55fdf46d7c5f5a824dd5e15ea79b21c2f8ef2849121567a1da5036a3418513a6731e507897ba27e6f0aabf75eca799907cc637a0ec82a3d622befb74aa5ed182e378c60fae239bc310a78da9c9cc9f28c0a54d203f98ca62ed0130fd9965df52f1a39ddb738cd63a142b146bc08fc415ad50280795fd9523cb6d84912fa2793f21a015d71c4a718019e6811dedb2f11d515b586bf9a3c9bd8d2401cce5469e60cb6d01cc0523d961d37572e59fe15fcc59e365a96c23496ca123fc6ef6d8f0ac53a6ea750ca2e27110c53a0a0c8339ad60a"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xa7, 0x3, "95693636fb79800fcd53eb05cfa721e0017f43fce5c1c42ffb3d0fea8814573966578ab1abfc96875eaa1dbc4ba2b01b898d9d3ad33054022dcd066adef35e032ea5bf149855d3afc690b43cec92f5793d32d01e924e85c2eea47908a7a9dcac026748bda4e8227e3c3da8821c8f92c9dfe6e29a41b54746baf802b546ca769c02f9494e4f62fa2e5e8207612dd3014c17940b6323fd6c33dcce5077f6530080b72b64"}]}, @NL80211_ATTR_PROBE_RESP={0x500, 0x91, "d9f0d942afa1ad3285d686fb56cb6fbf17f117ba1b0ceff669e64de6a137bb3823ad67cd4cffbdac1bb0711389d6e6156c094265ac8727b03c221d6e27d8cba4b0e69753a52b493c291ecd80921a07277bd8129ae6d6aef3b4d9013da948cf877fd257d6eb5c0c7653981dfd7d481f4403ed479c7d93d215631d5ed8ae64e2feac046d9c4d2edb304d3e66878b527d7bbd2777741f593b8161322d552b0306ee6fe2cd5a132cd007b3e2a5907286fef4e0424d5d04c102ec901db086de0cd55175e817123c4f43f6af036ad5e82f6535002d39b3b68a5b86bcab1ca69a3fda7a3c739b79610e34c7027e2abd51079983834e1ef21bfe3f7b7437d364c2d5daf399d1708a6322c33ea1422d07a34fa14d651753053166ec52209e04bd88b7c551f9d3222232f5a88cc05c73573a733bb5c5cadc37e15bd8530a10df8c4c668e1fe3d0aa8517f24430ac7e7df270a8512b7e03234e2bef3d4463bc11e781ef8bccce93d9b103f7b48922c6af16f22f0869c31bab2917082a61e03aa5d4cd99087282990a7ff3abecd02a60e3fc0e09faa43343cf7fdb141e48bf5804a0f532a248a9e53883c8c0f904b5fc0938931fed55d1127737914a274a88c2aff97c7855a615c044cda000a6c4b0c018ed95c995eaa9af4e6e9cedfb408d376114f2a47a07e51cb7c650f15e8cdbbfd8eaac041eced83fa1403875a7899ab145bb718df32b79fd8b51c239918e00372578ddca7d84cf45d4d7d320c7ab611f7f6baf256b30df2ef63ae7cca7a19a6658fdc03dfe90c895d61c6b80450a87eebbf65f9ca10fb711e17143447fd5bf3dedaeddc35ce11f6388d5e98a1bed56e7bd5285f5e22b1c5746d2f0d822c31ae9b768b2f0afa2bde54df4bef2ee1e706fac504eae682c162ae8f728d4b44611514d2eaab4af757bc4feb6071b5b29f347ce0ad4daadaa8bca9675ab245047678cd996bbfd591d20bc801e5a76b3aeddb639b28062a66d2829e962939ec07be3a6c02c419bbc58935d5cc16073160ae20f98c65177c742ef164c9c9d771d497ff3beec67701f382f5c91d61f8b73c0bf091404eeb3f38db0a699b56c097d5b6b4042b8417082d46dc65a8f12c52622abb0bd0384b31cf26ce6571027161677afccf5679b145a6c5d18e1adc54353634db70cf33c9ab83a03630e382b9f484789b1ac0cfdf820245dd603fc6f83bff30c93a1af84b7b7f5b38feeebf8acc9bc3084ee60a226424843705d7839dc2b42621ea6401f7842a876e0087fea677eae7be3c7e7c48a632df6f362ca530127bf57f1dd999538d39246254a16a94b4b08a7713a3fb226062badaf18c264e969b40378745a8547c927b1f96d83160fffd5748dcd2be289cb6a88d353016abeffa0b5887a8ec64a0d3ef19edd506c4d44406bc50ba7cf4c1cfb85be9627b1bbc0dda28394b41f0ab8c91e67e05997198f28bcc841a824db08c59f27de2bff9454051e1b3abe3096179794b294fa90b98ad7e2c49e52cc1a9dc5a2bb55f4fe2257a3ae10e0e70c161c408814df329e23cf2e2225a1b8f85a699179a4a347add329e3f9cf6c1e9af0249921e827c6360111c02b320b7f7a013c863b8766c10bc0582bdbb0f09e860d5621763aaa4544e07dc5a8bb1b667d1d080b3d4dfc73003072059d37d9268365991b3fd864a60ed2d6e7fd459fbb5df11af2f6cefb33a0c439a2ef65c3bf3495522283f381089b86ad839ebbe0274b35ea870dfeee2c76052d6f4520de1bda4bb5e29471cb7cd51f0511f202b7244276c08903f055e46cc877388839d0df"}, @NL80211_ATTR_PROBE_RESP={0x76c, 0x91, "414c0102276a7b1950b17928d8859e863acf4ac76ddef67bc20aca4831ef898a72c9c01037acde477b5aedefaaf5f173f46ea6c36ce67b8af0ca945c8ddbee58f26c1c6bd6976dfd48582c4f4c9c19ebffbe12e38e37372a8f6bece71937135a10512b2e94243c88ae8f1cc592607b78398b5d23bc71e835903397f4a96d93988dd8223707f7d0188cb3e17ab33a58e76f889744ca7cb5ae580135580b6e4b8528134978fcb74a43d61fa489f7f142d4d329cec6e37b9ff5237214e7ce81e5b9f4e06a806a26dec665e576dd9593e06cbbe5c7c80fa145fb00a08edd6067157ed993f5b3a9530c08a2a53e78abd5f73b1e7dfddf5c02d09c4c5d150906ae4d06fe30b7d01ea9c378820688a8a557dedf982bb5b606a0dfd69f977ba1d9d2f3229d49cf203bfbac225e4bd634d104428af530c961c6bf266c0ec6682ce149d242e042b2e72f32f1235a3ce78fe24b711609ad2cf90e592c211d5210f56db37d7282194e3aa05679df4e6b74b18741163f5aa5a5304caf5efbb944a6b45a44f47609f2153506810f3b02aad15c9664c28797b030c5e617d8b824a2d02203c81a8b869357c667f01e6da7b26bc6d2b0129233fb3c2d71cb2468dec7433eabe018090bd53a8ef115861e6f25af9b2355e8a6c5b538965c1a177d4d733c9854cf3e26b09b638d71cabdac791ea8991aae64897f0905fb51e02c338c073f59b883399d4af154e4dda1a28bf93e7808ffd4aa81a7c36959bf846c82ac1858ab2b98d9e77b1ed83854c1810622d48202afd7c11f98a2763f665cd9c8fca901b8c942d0be601536da54c9764bae8586f12fd19eb7aea8b9ea706802d1a5d7348f55ff7fb3620bb0546489737cd3977ae97b0c3ab742cde0bc1996d23cea19b4a5a011cb88081bb6dcdd2af7da55a63451aa4bb8e9e4afb6821b820b000696075e3885bcb5f4b31c065d5315201150f11cbe1cb319499876e5fe9f1baed9939a84fee60a23e45e29d151ae54d2f7fb8cd59e2758529469f8f7ffda4b175207195809b6ee767fe7ed3f8d2d32a3302eedefd2adb7aeae48e02e0a267915adaf76b40766338c9dc98201b29b2303523091364afa580dc618b837607c97c6fe0e254689e48e9f611244d3809e4bd26823f6ee3e0c0594cc42e7e8da99bd81a6b0b1e369c5569bb28e55209272647c6e3a22ac8ec17eee3c5df492dd2465c3a9c38e8da07dd89de76679d89333e085d82d80d9e633df17df18c1b6f5436013144f3853bc6e2ed80011ee1cb7c5b83088c04e85aae39bc0b9d27c7c9c039606a0bed2159a7c8e982c9796e5b40da5663ded26e9a9aa9bc66220ad2a608975337321455fd03c8f363398d3163c787f69194e4421c5142565c9898f7581afa90d179db0e71a939d6144aa9efe780f154dc12363b0bdcc3e8526afadd35766e657450151f1b8ec383e41050f471e289420c8187548651af86687d9f6f3cdd60302cb956e3c16630364e201a6a94de69b06ebada9499c728b53559aa8a1ed971b9845a4bb4abe7d32b5302fd058b3984537a04f49cc91ce4fd5a5b889a700bfa5f084ad94da30c85ec8e09042d1347fb05f0121cb8e624bfe806150bf385d00b68d9d31d8ac72c01a5a35b8511678774982e79651e82b7d8ec77a77515478918db5da897918c77aa2fbd6efacd145134f458b26af01e739333d41e581074db7df4a3d717c7be9295efed1127511b4d30649caed0bc16b0bf3d2041354ecad0eb46983cdf3e532919d2e807f656ca07989ffb34bee5a33d27d8211fb2db980840f1be4c9819c367a81323842b60a276d87f7a7371e0f0e6c0682d6b7eb0de73ad76db3629d742f703eddc5b1ab47a221a9fbfd586b0d646fb598cddbf9a68498feed0d0406b3ff8ae80b3b42d936cf203a4cc733948ef8762be1fe105dda7f2cadf3e616035132c55aec9e27b93c4224c3f82115e4dfd588d625e098c7a24ecb45ae6d27675573f0ea5f93a62340d6a8d21fb1931f17b87754e79d1da02cb036f9f0329979bbad82184155d097e3c7dc0efceffc3508d94569de59cb8289f5abd6f8091ab44f7fc0d71aa3babe143b2e3cb778bd4a63aec8403d1792c96a5414e71b980341c7309ae3f3e4f22f0cb2663f3c2ad1539ec9ce525600fdfc027037802abd866089d7c16ba919a8e0e2c726ea4d090ab32b46d240e453e56d16949ca0fa19ed96ee4c9da2391aa9ce278566a3f1bcf884638954d5076654272cf74c2ec098ad3f86a002d1fa436bda72b69ae5c01071b5c47f3e0f0fbbe816319cb5777f4d18244d7b30b46ce60d587c02134c760c5b5f696c2b2ce2c6951b861345268e8d8f52fa42d9ecb82787421589e9d2305c177003c8ff4440fa3b4711d7f14118c46cdede94eb2c85166d7653c4f56d993f7b650a89fc58bdf9df7797a36dcd92a984d766d0380d496e9b9db708a60ad719d5a8169a7d40386b63f31c14f1bcdae85169bc24c92376f568a941e29e96ceb1e9eb6d45be615d6a3547a79e401b19c5a4e91a186bca2846adce4215bf7c0c516d8847c20affac8f9baf2e9aa67028be86869c54a4d012f7c9f621ea9be66ae824ae01f93f70a64d6f967b363ad026beafdeb7f426835587ccc1c8a6814be20b870772581d84e2f571255af6c5b5ca89920deb3e0071485271f33e9e24ad1f"}, @NL80211_ATTR_BEACON_TAIL={0x31, 0xf, [@ibss={0x6, 0x2, 0xffff}, @cf={0x4, 0x6, {0x1f, 0x33, 0x7, 0xffff}}, @ssid={0x0, 0x1f, @random="87d6e03562ca708db10a7f83d4721632113e094b59fad654c0cd2b967447f5"}]}, @NL80211_ATTR_IE_PROBE_RESP={0xd, 0x7f, [@mesh_config={0x71, 0x7, {0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x1, 0x8}}]}, @NL80211_ATTR_BEACON_HEAD={0x27b, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x5}, @broadcast, @device_a, @from_mac, {0x9, 0xaa}}, 0x6, @random=0x5, 0xc0, @void, @val={0x1, 0x7, [{0x4}, {0xc}, {0xc, 0x1}, {0x64}, {0xc}, {0x6}, {0x6, 0x1}]}, @void, @val={0x4, 0x6, {0x7f, 0x1, 0xfffd, 0xfffc}}, @void, @val={0x5, 0xfa, {0x81, 0x81, 0x7f, "e752ea264aaf9dc1c56799050fcca9918b2170a67607092db438eff14a09cce8f6af0fac39c2fcc7af8c003a2effe2f5f37efa88a586db5f8575244bc7d4567eb0906f84f31a4bc5d70f25a17bbb06ffd5da4de6fd0e60fec72e0aea594ee474cd44ce362e96481bf997a59abc7c523ee58fee627dfb6eccb9be90803f6af8c2d15bcf1b578448d29106596ac5dc19b1453a50c40efe880cd7514d0116e9cca067685997309dfe3a9d89e1241988fd8f3c9fe22c66134f6ec33121c6e3f07c32fc77f0b3d4e9336f56393b04ed93f20ad1455ad912f88e91dc8e24e07123c1aa06ebbb4f54b34103093dcb6f2fda768189edd614018067"}}, @val={0x25, 0x3, {0x1, 0xa5, 0x3}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x43, 0xb7, 0x95}}, @void, @void, @void, @val={0x76, 0x6, {0x2, 0x0, 0x1d, 0x1f}}, [{0xdd, 0xd, "8df90f4b2ed5243bbddb8b943c"}, {0xdd, 0x44, "cc38382410126506127f3f00acb25f5622e240e573f29b5024595caeeffc7b038dbe71c15287ea22dd611bb020aa232eacee87204da273f887af489f6de6a779f1779508"}, {0xdd, 0x89, "878e9db568a0a2f0a9c5c508a6384ca58de95d73628c67e5b4cfa802580234f7bb6e0fd6d6a4e92561c4f1dbf0d92f903ea8da76369cc2701643d93f1830d79aeb31e6959c85b91351a551707a9b3b7e9a47feeb56bd0a38836a005f21f373b8cd9c23dca9bd7a394a6bbcd5320e37b492e530e514d2bee2b3e35241d59651bf74bcb389c8457ff4d5"}, {0xdd, 0x4e, "c41eadd98234953a3317be3cc7b8671ad8036d58692d90aebc6139874b8c9792889d3aa58fb066ea32e2b191097d1f8531bbd54b2b44ea90c3842ec00936b52ee733bc4b2802d92fcc01e6e15e39"}]}}], @beacon_params=[@NL80211_ATTR_IE={0xa, 0x2a, [@peer_mgmt={0x75, 0x4, {0x0, 0x2, @void, @void, @void}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1ac, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb4, 0x1}}, @random={0x0, 0xbd, "a0fbb51731f30ca64fad927a5e271d8b7c0340a1dd2f0eae027b763715419e3d8ec6b4b2c7849ed859e2e341a772c70737e96b841f7daad39c4e348e105cc8a291e9b6c21c7784ed29009cfdd612a647a2000c7915e4c268cc3c768e1b8de74aac20770d7339b32f05748d582c90e5a673b5bfbcc794b4aece4b8579b69b32af5ae938cf753b9a03921d71ee7cb29d45b4a74c78d5082ac33062ea680ce872a0f1af9679218dba55c48345687d7b5f3543e6d83c1617b3d7e5940376cf"}, @erp={0x2a, 0x1, {0x1, 0x1}}, @random={0x3, 0x15, "8575bd3513fb90be825c11ea202a38ebe4ad1395b4"}, @channel_switch={0x25, 0x3, {0x1, 0x64}}, @random_vendor={0xdd, 0xba, "3ccf4e0910ab43006d91824f3cea1e8a30ebedfa5763072e6e10330e1e53cce5123f68de1ff1c187533d5bf1029785b8b497c43e0e5420ae2b18c9d177ebd4b5654f96d49fd424c26d53996156dac65c01558bef5d184f845d39bdd103f5ff0a0a62b5b1d7e21eff0a232dbd1766674a1d25f38797ada936a9c972dfb3a689032bd0d7594b5c4280a8055320bcff15f119cdf758d58f8c7f731e6d927c93e2ef6a6ae2d783f5365041752fed381c76449d05852195aa4cdf706d"}, @gcr_ga={0xbd, 0x6}]}]]}, @NL80211_ATTR_CSA_IES={0xcd8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x1cf, 0xf, [@cf={0x4, 0x6, {0x20, 0x3f, 0x9, 0x40}}, @tim={0x5, 0x28, {0x0, 0x92, 0x8, "6ace953e1c12d35e75b3c882bdb348eda79ee1adb3f9c25d7ebd123765d12838dcac29e1cc"}}, @cf={0x4, 0x6, {0x8b, 0x0, 0xfa3, 0xffff}}, @random_vendor={0xdd, 0x46, "327207b56405b95836ef4ab485fe78ee21762f1651c29df1ef1f416bece25f21da4f9d0cee6f6126a15041068f0b5b2bade64f4b611d1d968665f553b4122dae0d9fa3f42da7"}, @random_vendor={0xdd, 0x73, "a7395e32480f03ab56205b18510b62ba43de6adaec53445388aecc5bde94aab7ad1af107116d9d1e0a9052a589370d6bee5199daf8b90db1a57b53aa5e8f4925fc2f09e3ff0f76e1c66ff1ace475ad89b0b337353644dad3604f1263c82c9a3daf93a35ee71204a3f32137cc9676e8a167409e"}, @random={0x2, 0xc4, "01cf5df34f300036f888eb03a0583bdbf112fdc6a48c8504bf52b89347fc382de58f556659c15e88126bf2ad6b0b90e8d65b07596cdae85e9ff47806bbf9fe017c968e8143e5f7fcf8db19620bb7fea89c9729b694d3656872a83afb500db96b3dfe6d40f82fecaeec4ff1a3298b872a799f4c139ba8a40dbd7a6b5fbc05a31847305dfe6484e7153c656b0afea23b79e55b9e4ceafafc590d5d60d8d42241f5107ea0a2375917032c483feda6aa6375295c331f9a14c66a76644b2a6e2100905dafebec"}, @cf={0x4, 0x6, {0x5, 0x80, 0x6}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb1, 0x3}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1b, 0x80, [@link_id={0x65, 0x12, {@from_mac=@broadcast, @broadcast}}, @erp={0x2a, 0x1, {0x0, 0x1}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}, @NL80211_ATTR_FTM_RESPONDER={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0xfb, 0x80, [@mesh_id={0x72, 0x6}, @ht={0x2d, 0x1a, {0x1000, 0x0, 0x3, 0x0, {0x1f, 0x5, 0x0, 0x77, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x1, 0x0, 0x1}}, @tim={0x5, 0xaa, {0x6, 0xa2, 0x1, "68310c98d8ce1bbc3e4f8751449cf1648575d2db50b03ad59e3a2528bca8480a0a7ccfaf99ea98de11b30740333e928d969e80fad2fc7fd708ea730493016dc0e3a346f9634e228f8ab399d2d64ffe8460a0a3d2c5a1113279ba831dadf33650e212f7e39d47f1bc8ac0f6b4ea25736f2a0a1bdc214e8f74d876f0854a013a6f8fe63fe7e20c228f20a95dbb4398274cd10e054531906f248a27722c8d5e446d4611be376fa8d6"}}, @prep={0x83, 0x25, @ext={{}, 0x5, 0x7, @device_b, 0x1f, @device_b, 0x7ff, 0x80, @device_a, 0x5}}]}, @NL80211_ATTR_IE_PROBE_RESP={0x9d, 0x7f, [@supported_rates, @ht={0x2d, 0x1a, {0x400, 0x1, 0x3, 0x0, {0xeb, 0x24, 0x0, 0x36, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x1, 0x7, 0x3}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @random={0xff, 0x5c, "8bb24ca3950f5ca3d75cf52661fb07f2a30df8cfe5c256b003004166efd051324954f14c1b11de127223639a2d05ae614d3100cd371cd3cb4d0af29bd5ca2733490851f05ec53adc1088725d6a2664293982276496196c0103eaa372"}, @rann={0x7e, 0x15, {{0x0, 0x68}, 0x2, 0x2, @device_a, 0x8, 0x7fff, 0x5}}]}, @NL80211_ATTR_FTM_RESPONDER={0xd8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x99, 0x2, "3a6bf0bab7891d2e4b15a7366e58834cf7d46be144ad6604407876a03e531dbca32bfab334bade4f16972a1fb4ed06842820e8b11de8d7c3a93f55e20db14ec3b3feff886b3457a5b144a155fff8acef4aaa5da20e968b1f0530951c48f4c48596e99f0546e67152a2f53f5caded575167037015939830f20ccc03683ee1f7fa20f57333e43fc60aff83df820dc2c0cdc22c39f5a8"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x27, 0x3, "ae6488e80fffe0fe1287079f085c4590749615fc17a579c01de1e662a465056d1aa216"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_PROBE_RESP={0x56, 0x7f, [@mesh_id={0x72, 0x6}, @erp={0x2a, 0x1}, @chsw_timing={0x68, 0x4, {0x0, 0x7}}, @peer_mgmt={0x75, 0x6, {0x0, 0x7bc4, @val=0x9, @void, @void}}, @rann={0x7e, 0x15, {{0x1, 0x1}, 0x7, 0x0, @device_a, 0x10040, 0x7, 0x2}}, @rann={0x7e, 0x15, {{0x0, 0x4c}, 0x5e, 0x6, @broadcast, 0x0, 0x3, 0x2}}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @cf={0x4, 0x6, {0x2, 0xff, 0x3ff, 0x112b}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x249, 0x80, [@mesh_id={0x72, 0x6}, @fast_bss_trans={0x37, 0x83, {0x1, 0x3, "e23fa800254171511a6df67cecd8fed3", "a3c2c756e371afc7c97cd63c44fe03db9f2104fe906d04736a857c720108ddc9", "0503dcc4441d893ff2a6bb20ff43d69a576741e9a1ab9ecc945be4c91939b029", [{0x2, 0x1, "95"}, {0x3, 0x13, "f0fea7dd9cc729ec2e0b45412afc9fc1a43f20"}, {0x4, 0x17, "c36c0a2c401a692125d80c8bd8633ab5a98d9b640140fe"}]}}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}, @erp={0x2a, 0x1, {0x1}}, @random_vendor={0xdd, 0x5b, "603a41744b1ddcf2bcbf86570b40d5a0c1429a264b3f94658e0898c90b18e34e2a2236e9b8439b7be5a91f151be70194193959298f1c5ca0422b2e9a493539054e1d86e8e3eb6571de782948056b28e2a3bd6335d899c556256813"}, @tim={0x5, 0xdb, {0x4, 0x6f, 0xff, "52ec933f32ceca0a020571550454efc485d406af2b7be08840ee6e97c091424eb1db3a6ff77e932da121c028ff0f773f77bd924397fc098d84b2c64570fdf9260e53a30ce309e1cb0237072f636122591bd48f2bb71862516378b91b42ffa9151d8ea813715ff73bd526eedccd79d2663cd0fdcbe863ba08d65a86e54264d1491c12844a2c56560e7c3d1c84ce29041843f274eac331f142e376cfe33fc3719d480b96b8ea541089fe23cd79d4b1a1c855db9267aefa707526f8cef4039595a1a2973149c0b1174618f4e841f338e5cb77b66f72756c5150"}}, @ht={0x2d, 0x1a, {0x2, 0x1, 0x4, 0x0, {0x5, 0x1ffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x300, 0x8}}, @preq={0x82, 0x2b, @ext={{}, 0x2e, 0x8, 0x81, @device_a, 0x3f, @device_b, 0x0, 0x8, 0x1, [{{0x1}, @broadcast, 0x3ff}]}}, @prep={0x83, 0x25, @ext={{}, 0x1, 0x5, @broadcast, 0x9, @device_a, 0x3ff, 0x7}}, @gcr_ga={0xbd, 0x6}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x1, 0x7, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x3, 0x0, 0x9, 0x7, 0xc145, 0x7, 0xffff, 0x12]}, @beacon_params=[@NL80211_ATTR_IE={0x10d, 0x2a, [@random={0x3, 0x1f, "698fc301aa23e42053399dc85dd3c931f25893039cd315850ccd56a942d5f0"}, @supported_rates={0x1, 0x6, [{0x30}, {0x36}, {0x2, 0x1}, {0x2}, {0x12, 0x1}, {0x6}]}, @perr={0x84, 0xa2, {0x3, 0xa, [@ext={{}, @device_a, 0x5bf5eff8, @device_b, 0x6}, @not_ext={{}, @device_a, 0x8, "", 0xd}, @not_ext={{}, @device_a, 0x5, "", 0x3c}, @ext={{}, @device_b, 0x9, @broadcast, 0x18}, @ext={{}, @broadcast, 0xffffff00, @device_b, 0xb}, @ext={{}, @device_a, 0x80000000, @device_a, 0x25}, @ext={{}, @device_a, 0xffc, @broadcast, 0x1d}, @not_ext={{}, @device_a, 0x5, "", 0x29}, @not_ext={{}, @device_b, 0x7f, "", 0x33}, @not_ext={{}, @broadcast, 0x4, "", 0x35}]}}, @supported_rates={0x1, 0x2, [{0x18}, {0x1b}]}, @random={0xfe, 0x11, "0506c7f043258d8199620b58cbaa3a37ff"}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @mesh_id={0x72, 0x6}, @rann={0x7e, 0x15, {{0x1, 0x9}, 0x1, 0x20, @device_b, 0xfffffff9, 0x3, 0x7}}, @challenge={0x10, 0x1, 0x89}]}, @NL80211_ATTR_BEACON_TAIL={0xac, 0xf, [@gcr_ga={0xbd, 0x6, @broadcast}, @cf={0x4, 0x6, {0x8, 0x3, 0x6, 0x7}}, @measure_req={0x26, 0x8e, {0x2a, 0xf9, 0x7, "2e994e14c7a2793125eaaf7d52fb7a77a53c9b06b2532095499c5cd5a70fdaf35746bd395eb6dd0bfdcb2370c25983cb50c1f3e5f980aea658a9553f131be1d2d26f38311d5a27da8fe593fde5b6bef82cfd0a4de4a960441c751cbe531e4c2abf6a8722d2cc372e7695d2d70338008802f5d96af1d49e309482e3c98863544a310b0a05b9d24a92685c2c"}}, @ssid={0x0, 0x6, @default_ap_ssid}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0x3f, 0xffff, 0x0, 0x401, 0x800]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x3c5, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1}, {0x30}, @broadcast, @broadcast, @from_mac, {0x8, 0xb72}}, 0x80, @random=0x7f, 0x8118, @void, @val={0x1, 0x6, [{0x3}, {0x6}, {0x48}, {0x6c}, {0xb, 0x1}, {0x6c}]}, @void, @val={0x4, 0x6, {0x0, 0xe2, 0xb2, 0x6}}, @void, @void, @val={0x25, 0x3, {0x1, 0x3, 0x9}}, @val={0x2a, 0x1, {0x1, 0x0, 0x1}}, @void, @void, @void, @void, @val={0x76, 0x6, {0x9a, 0x2, 0x17, 0x5}}, [{0xdd, 0x16, "15e9477f8908e7932e1ae3dc90331e71d38bb54fc14d"}, {0xdd, 0x23, "39773a8b283a8d04aea7a46dda5f5fae8cf3a1e885358d051b6c9cfe7d4fd5eb8b1967"}, {0xdd, 0xd3, "89bdc6120287fca0e762c2602b1631d7f17e6b52412a0450c6f2d2046e2db368378b24b315b838f5a882359703710d396f2d63a29714a1c9d3c45e24586950ce19c2979de659460282b9133a22825ebe0ccd90c504233b6b3f68e9d4a3ec4aae44fedd3f4c6656d81df3a919fe4896d856d86da0c0dc817f185a4e5361c9d591ac4a978edc0793a3e38df1da0d2878ab69b8530db95d6c6ae394752235e9c0f6a71d7945afaf413b006c037db27f4523e314c8a84d00f98f3504be759580e2f4550b4e38a69e38fb39188a6e0c583e4ab0684d"}, {0xdd, 0xb7, "5ce0ebcc2fa3e6d16a9e0f4572bc4ad2a51694d3d184a846962ef45f4e400f019a961fa74083f36f826dad2fa0f303d5016d3982cce7c0c8854e275e9fb8bb17ce2877c78bff1249a389557cab28aa35eea492d0e3dbb3b130317597e4bb1339ea170ae2d7f2206ab4dd0ad4db021ae0219c11c69ede113fe8b5c98189e79ace77570f39f61c52b915068898799b32b1c6a075a8ba53748e887ee7bbd484ec66714caefe59094abfe61839533bf9540f1216a125bca650"}, {0xdd, 0x6, "28f8f1141664"}, {0xdd, 0xb7, "70b67511c8dec6a25f43814aeb02aaa99734c1eeffc3e07c14142c191db92ba18e3cb2c4760f7b1851aeb97a50c6576311c04caf207ad96b4e9eb96e74dab61220ce6c297d6340c0b324e060b73697d241b15770f77e0769ae9c78a746bff5383fb3e1919a0b4fcfc21d69a5a151e8969b10c35c9be1e45ca1b9c90f40bbfbaa7dcfba9ee9a6216411a61f42c4ff625791ab67904668145de031fae9f8405f21cc471d66dcecbd35243e8829ed984ac597d679dba6a041"}, {0xdd, 0xef, "78019830f7879ddf05df9789717290938b6e966e5ebad29a223383910685f3eabbc636018d9347ac288028f7c00a0c6ee93d255b19cee4965c7b57f956459df6d30df5d9e6da004a1410a1c3aa14c095d86d5c66313df9abd8f76f86eb93332447a485564113936cd7ad39ae07df595461936ff5d71f4aa83afa5a4f665385f26f96fccfdeb2b165211685b2272303dd7ac10118be4304fbdb95a129ccf813c0dd3dcd211a2c4763e64130ed2625e2f34c27e981bf613bbc6561d6bdee63986a6a699f3186ec5510a6443f8f37efabda6067483cf41435ebdb13dc33578ab22864349ea4ea2e87359138fae4785acf"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x800, 0x7, 0x41, 0x8, 0x1, 0x8, 0x7, 0xcd]}]}]}, 0x20a8}, 0x1, 0x0, 0x0, 0x4044004}, 0x4000000)
setsockopt$MRT_PIM(r0, 0x0, 0xcf, &(0x7f0000000040)=0x4, 0x4)

14:33:00 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', <r0=>0x0}) (rerun: 64)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r4, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r7 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r7, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r8, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xf0, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x28080}, 0x48) (async)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r7)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000340)={0x44, r10, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000041}, 0x800)

14:33:00 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', <r0=>0x0})
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (rerun: 64)
ioctl$RTC_UIE_OFF(r4, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r7 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r7, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r8, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xf0, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x28080}, 0x48) (async)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r7)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000680)={&(0x7f0000000340)={0x44, r10, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000041}, 0x800)

14:33:00 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_I_TEI={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_LINK={0x8, 0x1, r6}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x1)

[ 1330.963768][T24715] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1330.971717][T24715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1330.979663][T24715] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1330.990461][T24715] ------------[ cut here ]------------
[ 1330.996037][T24715] WARNING: CPU: 1 PID: 24715 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1331.005136][T24715] Modules linked in:
[ 1331.009158][T24715] CPU: 0 PID: 24715 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1331.021000][T24715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1331.031154][T24715] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1331.037015][T24715] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1331.056921][T24715] RSP: 0018:ffffc90000c17bc0 EFLAGS: 00010283
[ 1331.062996][T24715] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1331.071167][T24715] RDX: ffffc90001b10000 RSI: 0000000000033b01 RDI: 0000000000033b02
[ 1331.079315][T24715] RBP: ffffc90000c17d08 R08: ffffffff82410506 R09: ffffc90000c17610
[ 1331.087401][T24715] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1331.095353][T24715] R13: ffff888118365000 R14: ffff888118363338 R15: ffff888118363000
[ 1331.103477][T24715] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1331.112497][T24715] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1331.119186][T24715] CR2: 00007f77b10bdcc0 CR3: 000000011d867000 CR4: 00000000003506b0
[ 1331.127229][T24715] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1331.135239][T24715] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1331.143264][T24715] Call Trace:
[ 1331.146710][T24715]  ? device_add_disk+0x40/0x40
[ 1331.151546][T24715]  ? loop_add+0x380/0x760
[ 1331.156066][T24715]  ? vsprintf+0x40/0x40
[ 1331.160246][T24715]  device_add_disk+0x2a/0x40
[ 1331.164845][T24715]  loop_add+0x58f/0x760
[ 1331.169184][T24715]  loop_control_ioctl+0x564/0x740
[ 1331.174245][T24715]  ? loop_remove+0xb0/0xb0
[ 1331.178836][T24715]  ? __fget_files+0x310/0x370
[ 1331.183537][T24715]  ? security_file_ioctl+0xb1/0xd0
[ 1331.188800][T24715]  ? loop_remove+0xb0/0xb0
[ 1331.193251][T24715]  __se_sys_ioctl+0x115/0x190
[ 1331.198062][T24715]  __x64_sys_ioctl+0x7b/0x90
[ 1331.202713][T24715]  do_syscall_64+0x34/0x70
[ 1331.207280][T24715]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1331.213186][T24715] RIP: 0033:0x7f77b238e0d9
14:33:00 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="e2942b36381e24000000", @ANYRES16=r1, @ANYBLOB="01000000000000001b000008009a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r4)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="00012abd7000fddbdf25090000000800040005000000080005002a0700005400028008000700ff0000000800050001040000080003000400000008000500ff7f0000060002004e200000080003000200000008000700d505000005000d00000000000800050007000000060002004e2300000800050006000000080005001247142b140003800600040001010000080001000200000008000500000000003400018008000500040000000c000700340000001a000000090006006e6f6e6500000000080008000300000008000b0073697000080004007f000000"], 0xe0}, 0x1, 0x0, 0x0, 0x4}, 0x20004000)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r5)
sendmsg$NL80211_CMD_GET_KEY(r5, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x70, r1, 0x8, 0x74bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d8c497ba6e975a13f1e493aa0e"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "4f15fe4f4cf378f3a6a6ce9bc0"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x2c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x200440d0}, 0x40000c0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40810}, 0x8005)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="e2942b36381e24000000", @ANYRES16=r1, @ANYBLOB="01000000000000001b000008009a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r4) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="00012abd7000fddbdf25090000000800040005000000080005002a0700005400028008000700ff0000000800050001040000080003000400000008000500ff7f0000060002004e200000080003000200000008000700d505000005000d00000000000800050007000000060002004e2300000800050006000000080005001247142b140003800600040001010000080001000200000008000500000000003400018008000500040000000c000700340000001a000000090006006e6f6e6500000000080008000300000008000b0073697000080004007f000000"], 0xe0}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r5) (async)
sendmsg$NL80211_CMD_GET_KEY(r5, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x70, r1, 0x8, 0x74bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d8c497ba6e975a13f1e493aa0e"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "4f15fe4f4cf378f3a6a6ce9bc0"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x2c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x200440d0}, 0x40000c0) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40810}, 0x8005) (async)

14:33:00 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r6=>0x0}) (rerun: 32)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_I_TEI={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_LINK={0x8, 0x1, r6}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x1)

[ 1331.217736][T24715] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1331.238243][T24715] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1331.246755][T24715] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1331.254928][T24715] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1331.263048][T24715] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1331.271143][T24715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1331.279167][T24715] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1331.287211][T24715] ---[ end trace 36e3028cd67c66d8 ]---
[ 1331.303225][   T23] audit: type=1326 audit(1669991580.749:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1331.328491][   T23] audit: type=1326 audit(1669991580.779:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24742 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1331.352122][   T23] audit: type=1326 audit(1669991580.779:1908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24742 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1331.375702][   T23] audit: type=1326 audit(1669991580.799:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24738 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1331.406452][T24433] udevd[24433]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1331.424206][   T23] audit: type=1326 audit(1669991580.869:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24748 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
14:33:03 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000040)='bic\x00', 0x4) (async)
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x6) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), r1)

14:33:03 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r1, 0x100, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_I_TEI={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_LINK={0x8, 0x1, r6}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x1)

14:33:03 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1f000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:03 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 50)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:03 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="e2942b36381e24000000", @ANYRES16=r1, @ANYBLOB="01000000000000001b000008009a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r4) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="00012abd7000fddbdf25090000000800040005000000080005002a0700005400028008000700ff0000000800050001040000080003000400000008000500ff7f0000060002004e200000080003000200000008000700d505000005000d00000000000800050007000000060002004e2300000800050006000000080005001247142b140003800600040001010000080001000200000008000500000000003400018008000500040000000c000700340000001a000000090006006e6f6e6500000000080008000300000008000b0073697000080004007f000000"], 0xe0}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc00000085db95047e9f3f556d3b8daad1795225d781719a08978cfcbc3f", @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250a0000006000038014000600fe8000000000000000000000000000aa140002007665746830000000000000000000000008000300030000001400020076657468305f746f5f7465616d0000000800030000000000050008000500000008000500ac1414aa3400028006000b000a00000008000700070000000800040000000000080004000000000006000e004e22000006000e004e24000008000400ff7f0000080004003e3500003400038008000300030000000600040009000000050008000000000008000500640101000600040009000000080003000300000008000600186b00000800040000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x240040c4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r5)
sendmsg$NL80211_CMD_GET_KEY(r5, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)={0x70, r1, 0x8, 0x74bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d8c497ba6e975a13f1e493aa0e"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "4f15fe4f4cf378f3a6a6ce9bc0"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x2c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x200440d0}, 0x40000c0) (async)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40810}, 0x8005)

14:33:03 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = socket$igmp(0x2, 0x3, 0x2) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0) (async)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000002180)={&(0x7f0000002200)={0x20a8, r2, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x40, 0x6b}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x1f}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x286}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}], @NL80211_ATTR_CSA_IES={0x1360, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0x278, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x69, 0x2, "3a4f1323d6d5e79f353e199bc7b3538a21c2e1ed1d3efe7abd81ba6091fff072ebd4e973db5e6764b06d61a52c70a11a6e86e58b0a1dd4cb2106b264132b32732c7c904d5b072c7c2015f9acb604cf8e4fcf81e3240871623a95491a2463bcdb190a7539b1"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x83, 0x3, "2a0de473d5ca5a521411cda2d23d91939583743356f2d53f581f9dedb0f4343f334526bc7b148e197e5b99a8b227d31324f01562e7d7507ea241cf002da85fbf7284c65995cb9d478e02d952fe35008490ee6f57e58711f31a8cd2e1acf54ab7f4b058e3c78e32cdfece2ac3f0685b48ce3e3a6539e8fb390a1b4757abf1bd"}, @NL80211_FTM_RESP_ATTR_LCI={0xdb, 0x2, "a479ec7af5d55fdf46d7c5f5a824dd5e15ea79b21c2f8ef2849121567a1da5036a3418513a6731e507897ba27e6f0aabf75eca799907cc637a0ec82a3d622befb74aa5ed182e378c60fae239bc310a78da9c9cc9f28c0a54d203f98ca62ed0130fd9965df52f1a39ddb738cd63a142b146bc08fc415ad50280795fd9523cb6d84912fa2793f21a015d71c4a718019e6811dedb2f11d515b586bf9a3c9bd8d2401cce5469e60cb6d01cc0523d961d37572e59fe15fcc59e365a96c23496ca123fc6ef6d8f0ac53a6ea750ca2e27110c53a0a0c8339ad60a"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xa7, 0x3, "95693636fb79800fcd53eb05cfa721e0017f43fce5c1c42ffb3d0fea8814573966578ab1abfc96875eaa1dbc4ba2b01b898d9d3ad33054022dcd066adef35e032ea5bf149855d3afc690b43cec92f5793d32d01e924e85c2eea47908a7a9dcac026748bda4e8227e3c3da8821c8f92c9dfe6e29a41b54746baf802b546ca769c02f9494e4f62fa2e5e8207612dd3014c17940b6323fd6c33dcce5077f6530080b72b64"}]}, @NL80211_ATTR_PROBE_RESP={0x500, 0x91, "d9f0d942afa1ad3285d686fb56cb6fbf17f117ba1b0ceff669e64de6a137bb3823ad67cd4cffbdac1bb0711389d6e6156c094265ac8727b03c221d6e27d8cba4b0e69753a52b493c291ecd80921a07277bd8129ae6d6aef3b4d9013da948cf877fd257d6eb5c0c7653981dfd7d481f4403ed479c7d93d215631d5ed8ae64e2feac046d9c4d2edb304d3e66878b527d7bbd2777741f593b8161322d552b0306ee6fe2cd5a132cd007b3e2a5907286fef4e0424d5d04c102ec901db086de0cd55175e817123c4f43f6af036ad5e82f6535002d39b3b68a5b86bcab1ca69a3fda7a3c739b79610e34c7027e2abd51079983834e1ef21bfe3f7b7437d364c2d5daf399d1708a6322c33ea1422d07a34fa14d651753053166ec52209e04bd88b7c551f9d3222232f5a88cc05c73573a733bb5c5cadc37e15bd8530a10df8c4c668e1fe3d0aa8517f24430ac7e7df270a8512b7e03234e2bef3d4463bc11e781ef8bccce93d9b103f7b48922c6af16f22f0869c31bab2917082a61e03aa5d4cd99087282990a7ff3abecd02a60e3fc0e09faa43343cf7fdb141e48bf5804a0f532a248a9e53883c8c0f904b5fc0938931fed55d1127737914a274a88c2aff97c7855a615c044cda000a6c4b0c018ed95c995eaa9af4e6e9cedfb408d376114f2a47a07e51cb7c650f15e8cdbbfd8eaac041eced83fa1403875a7899ab145bb718df32b79fd8b51c239918e00372578ddca7d84cf45d4d7d320c7ab611f7f6baf256b30df2ef63ae7cca7a19a6658fdc03dfe90c895d61c6b80450a87eebbf65f9ca10fb711e17143447fd5bf3dedaeddc35ce11f6388d5e98a1bed56e7bd5285f5e22b1c5746d2f0d822c31ae9b768b2f0afa2bde54df4bef2ee1e706fac504eae682c162ae8f728d4b44611514d2eaab4af757bc4feb6071b5b29f347ce0ad4daadaa8bca9675ab245047678cd996bbfd591d20bc801e5a76b3aeddb639b28062a66d2829e962939ec07be3a6c02c419bbc58935d5cc16073160ae20f98c65177c742ef164c9c9d771d497ff3beec67701f382f5c91d61f8b73c0bf091404eeb3f38db0a699b56c097d5b6b4042b8417082d46dc65a8f12c52622abb0bd0384b31cf26ce6571027161677afccf5679b145a6c5d18e1adc54353634db70cf33c9ab83a03630e382b9f484789b1ac0cfdf820245dd603fc6f83bff30c93a1af84b7b7f5b38feeebf8acc9bc3084ee60a226424843705d7839dc2b42621ea6401f7842a876e0087fea677eae7be3c7e7c48a632df6f362ca530127bf57f1dd999538d39246254a16a94b4b08a7713a3fb226062badaf18c264e969b40378745a8547c927b1f96d83160fffd5748dcd2be289cb6a88d353016abeffa0b5887a8ec64a0d3ef19edd506c4d44406bc50ba7cf4c1cfb85be9627b1bbc0dda28394b41f0ab8c91e67e05997198f28bcc841a824db08c59f27de2bff9454051e1b3abe3096179794b294fa90b98ad7e2c49e52cc1a9dc5a2bb55f4fe2257a3ae10e0e70c161c408814df329e23cf2e2225a1b8f85a699179a4a347add329e3f9cf6c1e9af0249921e827c6360111c02b320b7f7a013c863b8766c10bc0582bdbb0f09e860d5621763aaa4544e07dc5a8bb1b667d1d080b3d4dfc73003072059d37d9268365991b3fd864a60ed2d6e7fd459fbb5df11af2f6cefb33a0c439a2ef65c3bf3495522283f381089b86ad839ebbe0274b35ea870dfeee2c76052d6f4520de1bda4bb5e29471cb7cd51f0511f202b7244276c08903f055e46cc877388839d0df"}, @NL80211_ATTR_PROBE_RESP={0x76c, 0x91, "414c0102276a7b1950b17928d8859e863acf4ac76ddef67bc20aca4831ef898a72c9c01037acde477b5aedefaaf5f173f46ea6c36ce67b8af0ca945c8ddbee58f26c1c6bd6976dfd48582c4f4c9c19ebffbe12e38e37372a8f6bece71937135a10512b2e94243c88ae8f1cc592607b78398b5d23bc71e835903397f4a96d93988dd8223707f7d0188cb3e17ab33a58e76f889744ca7cb5ae580135580b6e4b8528134978fcb74a43d61fa489f7f142d4d329cec6e37b9ff5237214e7ce81e5b9f4e06a806a26dec665e576dd9593e06cbbe5c7c80fa145fb00a08edd6067157ed993f5b3a9530c08a2a53e78abd5f73b1e7dfddf5c02d09c4c5d150906ae4d06fe30b7d01ea9c378820688a8a557dedf982bb5b606a0dfd69f977ba1d9d2f3229d49cf203bfbac225e4bd634d104428af530c961c6bf266c0ec6682ce149d242e042b2e72f32f1235a3ce78fe24b711609ad2cf90e592c211d5210f56db37d7282194e3aa05679df4e6b74b18741163f5aa5a5304caf5efbb944a6b45a44f47609f2153506810f3b02aad15c9664c28797b030c5e617d8b824a2d02203c81a8b869357c667f01e6da7b26bc6d2b0129233fb3c2d71cb2468dec7433eabe018090bd53a8ef115861e6f25af9b2355e8a6c5b538965c1a177d4d733c9854cf3e26b09b638d71cabdac791ea8991aae64897f0905fb51e02c338c073f59b883399d4af154e4dda1a28bf93e7808ffd4aa81a7c36959bf846c82ac1858ab2b98d9e77b1ed83854c1810622d48202afd7c11f98a2763f665cd9c8fca901b8c942d0be601536da54c9764bae8586f12fd19eb7aea8b9ea706802d1a5d7348f55ff7fb3620bb0546489737cd3977ae97b0c3ab742cde0bc1996d23cea19b4a5a011cb88081bb6dcdd2af7da55a63451aa4bb8e9e4afb6821b820b000696075e3885bcb5f4b31c065d5315201150f11cbe1cb319499876e5fe9f1baed9939a84fee60a23e45e29d151ae54d2f7fb8cd59e2758529469f8f7ffda4b175207195809b6ee767fe7ed3f8d2d32a3302eedefd2adb7aeae48e02e0a267915adaf76b40766338c9dc98201b29b2303523091364afa580dc618b837607c97c6fe0e254689e48e9f611244d3809e4bd26823f6ee3e0c0594cc42e7e8da99bd81a6b0b1e369c5569bb28e55209272647c6e3a22ac8ec17eee3c5df492dd2465c3a9c38e8da07dd89de76679d89333e085d82d80d9e633df17df18c1b6f5436013144f3853bc6e2ed80011ee1cb7c5b83088c04e85aae39bc0b9d27c7c9c039606a0bed2159a7c8e982c9796e5b40da5663ded26e9a9aa9bc66220ad2a608975337321455fd03c8f363398d3163c787f69194e4421c5142565c9898f7581afa90d179db0e71a939d6144aa9efe780f154dc12363b0bdcc3e8526afadd35766e657450151f1b8ec383e41050f471e289420c8187548651af86687d9f6f3cdd60302cb956e3c16630364e201a6a94de69b06ebada9499c728b53559aa8a1ed971b9845a4bb4abe7d32b5302fd058b3984537a04f49cc91ce4fd5a5b889a700bfa5f084ad94da30c85ec8e09042d1347fb05f0121cb8e624bfe806150bf385d00b68d9d31d8ac72c01a5a35b8511678774982e79651e82b7d8ec77a77515478918db5da897918c77aa2fbd6efacd145134f458b26af01e739333d41e581074db7df4a3d717c7be9295efed1127511b4d30649caed0bc16b0bf3d2041354ecad0eb46983cdf3e532919d2e807f656ca07989ffb34bee5a33d27d8211fb2db980840f1be4c9819c367a81323842b60a276d87f7a7371e0f0e6c0682d6b7eb0de73ad76db3629d742f703eddc5b1ab47a221a9fbfd586b0d646fb598cddbf9a68498feed0d0406b3ff8ae80b3b42d936cf203a4cc733948ef8762be1fe105dda7f2cadf3e616035132c55aec9e27b93c4224c3f82115e4dfd588d625e098c7a24ecb45ae6d27675573f0ea5f93a62340d6a8d21fb1931f17b87754e79d1da02cb036f9f0329979bbad82184155d097e3c7dc0efceffc3508d94569de59cb8289f5abd6f8091ab44f7fc0d71aa3babe143b2e3cb778bd4a63aec8403d1792c96a5414e71b980341c7309ae3f3e4f22f0cb2663f3c2ad1539ec9ce525600fdfc027037802abd866089d7c16ba919a8e0e2c726ea4d090ab32b46d240e453e56d16949ca0fa19ed96ee4c9da2391aa9ce278566a3f1bcf884638954d5076654272cf74c2ec098ad3f86a002d1fa436bda72b69ae5c01071b5c47f3e0f0fbbe816319cb5777f4d18244d7b30b46ce60d587c02134c760c5b5f696c2b2ce2c6951b861345268e8d8f52fa42d9ecb82787421589e9d2305c177003c8ff4440fa3b4711d7f14118c46cdede94eb2c85166d7653c4f56d993f7b650a89fc58bdf9df7797a36dcd92a984d766d0380d496e9b9db708a60ad719d5a8169a7d40386b63f31c14f1bcdae85169bc24c92376f568a941e29e96ceb1e9eb6d45be615d6a3547a79e401b19c5a4e91a186bca2846adce4215bf7c0c516d8847c20affac8f9baf2e9aa67028be86869c54a4d012f7c9f621ea9be66ae824ae01f93f70a64d6f967b363ad026beafdeb7f426835587ccc1c8a6814be20b870772581d84e2f571255af6c5b5ca89920deb3e0071485271f33e9e24ad1f"}, @NL80211_ATTR_BEACON_TAIL={0x31, 0xf, [@ibss={0x6, 0x2, 0xffff}, @cf={0x4, 0x6, {0x1f, 0x33, 0x7, 0xffff}}, @ssid={0x0, 0x1f, @random="87d6e03562ca708db10a7f83d4721632113e094b59fad654c0cd2b967447f5"}]}, @NL80211_ATTR_IE_PROBE_RESP={0xd, 0x7f, [@mesh_config={0x71, 0x7, {0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x1, 0x8}}]}, @NL80211_ATTR_BEACON_HEAD={0x27b, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x5}, @broadcast, @device_a, @from_mac, {0x9, 0xaa}}, 0x6, @random=0x5, 0xc0, @void, @val={0x1, 0x7, [{0x4}, {0xc}, {0xc, 0x1}, {0x64}, {0xc}, {0x6}, {0x6, 0x1}]}, @void, @val={0x4, 0x6, {0x7f, 0x1, 0xfffd, 0xfffc}}, @void, @val={0x5, 0xfa, {0x81, 0x81, 0x7f, "e752ea264aaf9dc1c56799050fcca9918b2170a67607092db438eff14a09cce8f6af0fac39c2fcc7af8c003a2effe2f5f37efa88a586db5f8575244bc7d4567eb0906f84f31a4bc5d70f25a17bbb06ffd5da4de6fd0e60fec72e0aea594ee474cd44ce362e96481bf997a59abc7c523ee58fee627dfb6eccb9be90803f6af8c2d15bcf1b578448d29106596ac5dc19b1453a50c40efe880cd7514d0116e9cca067685997309dfe3a9d89e1241988fd8f3c9fe22c66134f6ec33121c6e3f07c32fc77f0b3d4e9336f56393b04ed93f20ad1455ad912f88e91dc8e24e07123c1aa06ebbb4f54b34103093dcb6f2fda768189edd614018067"}}, @val={0x25, 0x3, {0x1, 0xa5, 0x3}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x43, 0xb7, 0x95}}, @void, @void, @void, @val={0x76, 0x6, {0x2, 0x0, 0x1d, 0x1f}}, [{0xdd, 0xd, "8df90f4b2ed5243bbddb8b943c"}, {0xdd, 0x44, "cc38382410126506127f3f00acb25f5622e240e573f29b5024595caeeffc7b038dbe71c15287ea22dd611bb020aa232eacee87204da273f887af489f6de6a779f1779508"}, {0xdd, 0x89, "878e9db568a0a2f0a9c5c508a6384ca58de95d73628c67e5b4cfa802580234f7bb6e0fd6d6a4e92561c4f1dbf0d92f903ea8da76369cc2701643d93f1830d79aeb31e6959c85b91351a551707a9b3b7e9a47feeb56bd0a38836a005f21f373b8cd9c23dca9bd7a394a6bbcd5320e37b492e530e514d2bee2b3e35241d59651bf74bcb389c8457ff4d5"}, {0xdd, 0x4e, "c41eadd98234953a3317be3cc7b8671ad8036d58692d90aebc6139874b8c9792889d3aa58fb066ea32e2b191097d1f8531bbd54b2b44ea90c3842ec00936b52ee733bc4b2802d92fcc01e6e15e39"}]}}], @beacon_params=[@NL80211_ATTR_IE={0xa, 0x2a, [@peer_mgmt={0x75, 0x4, {0x0, 0x2, @void, @void, @void}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1ac, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb4, 0x1}}, @random={0x0, 0xbd, "a0fbb51731f30ca64fad927a5e271d8b7c0340a1dd2f0eae027b763715419e3d8ec6b4b2c7849ed859e2e341a772c70737e96b841f7daad39c4e348e105cc8a291e9b6c21c7784ed29009cfdd612a647a2000c7915e4c268cc3c768e1b8de74aac20770d7339b32f05748d582c90e5a673b5bfbcc794b4aece4b8579b69b32af5ae938cf753b9a03921d71ee7cb29d45b4a74c78d5082ac33062ea680ce872a0f1af9679218dba55c48345687d7b5f3543e6d83c1617b3d7e5940376cf"}, @erp={0x2a, 0x1, {0x1, 0x1}}, @random={0x3, 0x15, "8575bd3513fb90be825c11ea202a38ebe4ad1395b4"}, @channel_switch={0x25, 0x3, {0x1, 0x64}}, @random_vendor={0xdd, 0xba, "3ccf4e0910ab43006d91824f3cea1e8a30ebedfa5763072e6e10330e1e53cce5123f68de1ff1c187533d5bf1029785b8b497c43e0e5420ae2b18c9d177ebd4b5654f96d49fd424c26d53996156dac65c01558bef5d184f845d39bdd103f5ff0a0a62b5b1d7e21eff0a232dbd1766674a1d25f38797ada936a9c972dfb3a689032bd0d7594b5c4280a8055320bcff15f119cdf758d58f8c7f731e6d927c93e2ef6a6ae2d783f5365041752fed381c76449d05852195aa4cdf706d"}, @gcr_ga={0xbd, 0x6}]}]]}, @NL80211_ATTR_CSA_IES={0xcd8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x1cf, 0xf, [@cf={0x4, 0x6, {0x20, 0x3f, 0x9, 0x40}}, @tim={0x5, 0x28, {0x0, 0x92, 0x8, "6ace953e1c12d35e75b3c882bdb348eda79ee1adb3f9c25d7ebd123765d12838dcac29e1cc"}}, @cf={0x4, 0x6, {0x8b, 0x0, 0xfa3, 0xffff}}, @random_vendor={0xdd, 0x46, "327207b56405b95836ef4ab485fe78ee21762f1651c29df1ef1f416bece25f21da4f9d0cee6f6126a15041068f0b5b2bade64f4b611d1d968665f553b4122dae0d9fa3f42da7"}, @random_vendor={0xdd, 0x73, "a7395e32480f03ab56205b18510b62ba43de6adaec53445388aecc5bde94aab7ad1af107116d9d1e0a9052a589370d6bee5199daf8b90db1a57b53aa5e8f4925fc2f09e3ff0f76e1c66ff1ace475ad89b0b337353644dad3604f1263c82c9a3daf93a35ee71204a3f32137cc9676e8a167409e"}, @random={0x2, 0xc4, "01cf5df34f300036f888eb03a0583bdbf112fdc6a48c8504bf52b89347fc382de58f556659c15e88126bf2ad6b0b90e8d65b07596cdae85e9ff47806bbf9fe017c968e8143e5f7fcf8db19620bb7fea89c9729b694d3656872a83afb500db96b3dfe6d40f82fecaeec4ff1a3298b872a799f4c139ba8a40dbd7a6b5fbc05a31847305dfe6484e7153c656b0afea23b79e55b9e4ceafafc590d5d60d8d42241f5107ea0a2375917032c483feda6aa6375295c331f9a14c66a76644b2a6e2100905dafebec"}, @cf={0x4, 0x6, {0x5, 0x80, 0x6}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb1, 0x3}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1b, 0x80, [@link_id={0x65, 0x12, {@from_mac=@broadcast, @broadcast}}, @erp={0x2a, 0x1, {0x0, 0x1}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}, @NL80211_ATTR_FTM_RESPONDER={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0xfb, 0x80, [@mesh_id={0x72, 0x6}, @ht={0x2d, 0x1a, {0x1000, 0x0, 0x3, 0x0, {0x1f, 0x5, 0x0, 0x77, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x1, 0x0, 0x1}}, @tim={0x5, 0xaa, {0x6, 0xa2, 0x1, "68310c98d8ce1bbc3e4f8751449cf1648575d2db50b03ad59e3a2528bca8480a0a7ccfaf99ea98de11b30740333e928d969e80fad2fc7fd708ea730493016dc0e3a346f9634e228f8ab399d2d64ffe8460a0a3d2c5a1113279ba831dadf33650e212f7e39d47f1bc8ac0f6b4ea25736f2a0a1bdc214e8f74d876f0854a013a6f8fe63fe7e20c228f20a95dbb4398274cd10e054531906f248a27722c8d5e446d4611be376fa8d6"}}, @prep={0x83, 0x25, @ext={{}, 0x5, 0x7, @device_b, 0x1f, @device_b, 0x7ff, 0x80, @device_a, 0x5}}]}, @NL80211_ATTR_IE_PROBE_RESP={0x9d, 0x7f, [@supported_rates, @ht={0x2d, 0x1a, {0x400, 0x1, 0x3, 0x0, {0xeb, 0x24, 0x0, 0x36, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x1, 0x7, 0x3}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @random={0xff, 0x5c, "8bb24ca3950f5ca3d75cf52661fb07f2a30df8cfe5c256b003004166efd051324954f14c1b11de127223639a2d05ae614d3100cd371cd3cb4d0af29bd5ca2733490851f05ec53adc1088725d6a2664293982276496196c0103eaa372"}, @rann={0x7e, 0x15, {{0x0, 0x68}, 0x2, 0x2, @device_a, 0x8, 0x7fff, 0x5}}]}, @NL80211_ATTR_FTM_RESPONDER={0xd8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x99, 0x2, "3a6bf0bab7891d2e4b15a7366e58834cf7d46be144ad6604407876a03e531dbca32bfab334bade4f16972a1fb4ed06842820e8b11de8d7c3a93f55e20db14ec3b3feff886b3457a5b144a155fff8acef4aaa5da20e968b1f0530951c48f4c48596e99f0546e67152a2f53f5caded575167037015939830f20ccc03683ee1f7fa20f57333e43fc60aff83df820dc2c0cdc22c39f5a8"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x27, 0x3, "ae6488e80fffe0fe1287079f085c4590749615fc17a579c01de1e662a465056d1aa216"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_PROBE_RESP={0x56, 0x7f, [@mesh_id={0x72, 0x6}, @erp={0x2a, 0x1}, @chsw_timing={0x68, 0x4, {0x0, 0x7}}, @peer_mgmt={0x75, 0x6, {0x0, 0x7bc4, @val=0x9, @void, @void}}, @rann={0x7e, 0x15, {{0x1, 0x1}, 0x7, 0x0, @device_a, 0x10040, 0x7, 0x2}}, @rann={0x7e, 0x15, {{0x0, 0x4c}, 0x5e, 0x6, @broadcast, 0x0, 0x3, 0x2}}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @cf={0x4, 0x6, {0x2, 0xff, 0x3ff, 0x112b}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x249, 0x80, [@mesh_id={0x72, 0x6}, @fast_bss_trans={0x37, 0x83, {0x1, 0x3, "e23fa800254171511a6df67cecd8fed3", "a3c2c756e371afc7c97cd63c44fe03db9f2104fe906d04736a857c720108ddc9", "0503dcc4441d893ff2a6bb20ff43d69a576741e9a1ab9ecc945be4c91939b029", [{0x2, 0x1, "95"}, {0x3, 0x13, "f0fea7dd9cc729ec2e0b45412afc9fc1a43f20"}, {0x4, 0x17, "c36c0a2c401a692125d80c8bd8633ab5a98d9b640140fe"}]}}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}, @erp={0x2a, 0x1, {0x1}}, @random_vendor={0xdd, 0x5b, "603a41744b1ddcf2bcbf86570b40d5a0c1429a264b3f94658e0898c90b18e34e2a2236e9b8439b7be5a91f151be70194193959298f1c5ca0422b2e9a493539054e1d86e8e3eb6571de782948056b28e2a3bd6335d899c556256813"}, @tim={0x5, 0xdb, {0x4, 0x6f, 0xff, "52ec933f32ceca0a020571550454efc485d406af2b7be08840ee6e97c091424eb1db3a6ff77e932da121c028ff0f773f77bd924397fc098d84b2c64570fdf9260e53a30ce309e1cb0237072f636122591bd48f2bb71862516378b91b42ffa9151d8ea813715ff73bd526eedccd79d2663cd0fdcbe863ba08d65a86e54264d1491c12844a2c56560e7c3d1c84ce29041843f274eac331f142e376cfe33fc3719d480b96b8ea541089fe23cd79d4b1a1c855db9267aefa707526f8cef4039595a1a2973149c0b1174618f4e841f338e5cb77b66f72756c5150"}}, @ht={0x2d, 0x1a, {0x2, 0x1, 0x4, 0x0, {0x5, 0x1ffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x300, 0x8}}, @preq={0x82, 0x2b, @ext={{}, 0x2e, 0x8, 0x81, @device_a, 0x3f, @device_b, 0x0, 0x8, 0x1, [{{0x1}, @broadcast, 0x3ff}]}}, @prep={0x83, 0x25, @ext={{}, 0x1, 0x5, @broadcast, 0x9, @device_a, 0x3ff, 0x7}}, @gcr_ga={0xbd, 0x6}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x1, 0x7, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x3, 0x0, 0x9, 0x7, 0xc145, 0x7, 0xffff, 0x12]}, @beacon_params=[@NL80211_ATTR_IE={0x10d, 0x2a, [@random={0x3, 0x1f, "698fc301aa23e42053399dc85dd3c931f25893039cd315850ccd56a942d5f0"}, @supported_rates={0x1, 0x6, [{0x30}, {0x36}, {0x2, 0x1}, {0x2}, {0x12, 0x1}, {0x6}]}, @perr={0x84, 0xa2, {0x3, 0xa, [@ext={{}, @device_a, 0x5bf5eff8, @device_b, 0x6}, @not_ext={{}, @device_a, 0x8, "", 0xd}, @not_ext={{}, @device_a, 0x5, "", 0x3c}, @ext={{}, @device_b, 0x9, @broadcast, 0x18}, @ext={{}, @broadcast, 0xffffff00, @device_b, 0xb}, @ext={{}, @device_a, 0x80000000, @device_a, 0x25}, @ext={{}, @device_a, 0xffc, @broadcast, 0x1d}, @not_ext={{}, @device_a, 0x5, "", 0x29}, @not_ext={{}, @device_b, 0x7f, "", 0x33}, @not_ext={{}, @broadcast, 0x4, "", 0x35}]}}, @supported_rates={0x1, 0x2, [{0x18}, {0x1b}]}, @random={0xfe, 0x11, "0506c7f043258d8199620b58cbaa3a37ff"}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @mesh_id={0x72, 0x6}, @rann={0x7e, 0x15, {{0x1, 0x9}, 0x1, 0x20, @device_b, 0xfffffff9, 0x3, 0x7}}, @challenge={0x10, 0x1, 0x89}]}, @NL80211_ATTR_BEACON_TAIL={0xac, 0xf, [@gcr_ga={0xbd, 0x6, @broadcast}, @cf={0x4, 0x6, {0x8, 0x3, 0x6, 0x7}}, @measure_req={0x26, 0x8e, {0x2a, 0xf9, 0x7, "2e994e14c7a2793125eaaf7d52fb7a77a53c9b06b2532095499c5cd5a70fdaf35746bd395eb6dd0bfdcb2370c25983cb50c1f3e5f980aea658a9553f131be1d2d26f38311d5a27da8fe593fde5b6bef82cfd0a4de4a960441c751cbe531e4c2abf6a8722d2cc372e7695d2d70338008802f5d96af1d49e309482e3c98863544a310b0a05b9d24a92685c2c"}}, @ssid={0x0, 0x6, @default_ap_ssid}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0x3f, 0xffff, 0x0, 0x401, 0x800]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x3c5, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1}, {0x30}, @broadcast, @broadcast, @from_mac, {0x8, 0xb72}}, 0x80, @random=0x7f, 0x8118, @void, @val={0x1, 0x6, [{0x3}, {0x6}, {0x48}, {0x6c}, {0xb, 0x1}, {0x6c}]}, @void, @val={0x4, 0x6, {0x0, 0xe2, 0xb2, 0x6}}, @void, @void, @val={0x25, 0x3, {0x1, 0x3, 0x9}}, @val={0x2a, 0x1, {0x1, 0x0, 0x1}}, @void, @void, @void, @void, @val={0x76, 0x6, {0x9a, 0x2, 0x17, 0x5}}, [{0xdd, 0x16, "15e9477f8908e7932e1ae3dc90331e71d38bb54fc14d"}, {0xdd, 0x23, "39773a8b283a8d04aea7a46dda5f5fae8cf3a1e885358d051b6c9cfe7d4fd5eb8b1967"}, {0xdd, 0xd3, "89bdc6120287fca0e762c2602b1631d7f17e6b52412a0450c6f2d2046e2db368378b24b315b838f5a882359703710d396f2d63a29714a1c9d3c45e24586950ce19c2979de659460282b9133a22825ebe0ccd90c504233b6b3f68e9d4a3ec4aae44fedd3f4c6656d81df3a919fe4896d856d86da0c0dc817f185a4e5361c9d591ac4a978edc0793a3e38df1da0d2878ab69b8530db95d6c6ae394752235e9c0f6a71d7945afaf413b006c037db27f4523e314c8a84d00f98f3504be759580e2f4550b4e38a69e38fb39188a6e0c583e4ab0684d"}, {0xdd, 0xb7, "5ce0ebcc2fa3e6d16a9e0f4572bc4ad2a51694d3d184a846962ef45f4e400f019a961fa74083f36f826dad2fa0f303d5016d3982cce7c0c8854e275e9fb8bb17ce2877c78bff1249a389557cab28aa35eea492d0e3dbb3b130317597e4bb1339ea170ae2d7f2206ab4dd0ad4db021ae0219c11c69ede113fe8b5c98189e79ace77570f39f61c52b915068898799b32b1c6a075a8ba53748e887ee7bbd484ec66714caefe59094abfe61839533bf9540f1216a125bca650"}, {0xdd, 0x6, "28f8f1141664"}, {0xdd, 0xb7, "70b67511c8dec6a25f43814aeb02aaa99734c1eeffc3e07c14142c191db92ba18e3cb2c4760f7b1851aeb97a50c6576311c04caf207ad96b4e9eb96e74dab61220ce6c297d6340c0b324e060b73697d241b15770f77e0769ae9c78a746bff5383fb3e1919a0b4fcfc21d69a5a151e8969b10c35c9be1e45ca1b9c90f40bbfbaa7dcfba9ee9a6216411a61f42c4ff625791ab67904668145de031fae9f8405f21cc471d66dcecbd35243e8829ed984ac597d679dba6a041"}, {0xdd, 0xef, "78019830f7879ddf05df9789717290938b6e966e5ebad29a223383910685f3eabbc636018d9347ac288028f7c00a0c6ee93d255b19cee4965c7b57f956459df6d30df5d9e6da004a1410a1c3aa14c095d86d5c66313df9abd8f76f86eb93332447a485564113936cd7ad39ae07df595461936ff5d71f4aa83afa5a4f665385f26f96fccfdeb2b165211685b2272303dd7ac10118be4304fbdb95a129ccf813c0dd3dcd211a2c4763e64130ed2625e2f34c27e981bf613bbc6561d6bdee63986a6a699f3186ec5510a6443f8f37efabda6067483cf41435ebdb13dc33578ab22864349ea4ea2e87359138fae4785acf"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x800, 0x7, 0x41, 0x8, 0x1, 0x8, 0x7, 0xcd]}]}]}, 0x20a8}, 0x1, 0x0, 0x0, 0x4044004}, 0x4000000) (async, rerun: 32)
setsockopt$MRT_PIM(r0, 0x0, 0xcf, &(0x7f0000000040)=0x4, 0x4) (rerun: 32)

14:33:03 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x20000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:03 executing program 0:
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x2, 0x2, 0x5, 0xa, 0xffffffffffffffef, 0x8}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x7, 0x29, &(0x7f0000000080)=""/41, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x80000000, 0x3}, 0x10, 0xdce6, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r0]}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x6, 0x1, 0x300000, 0x1a10, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x5, 0x5, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7fffffff}, [@jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x40, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x3f}]}, &(0x7f0000000380)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x9, 0x8bb9}, 0x10, 0x1f2d1}, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:03 executing program 0:
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x2, 0x2, 0x5, 0xa, 0xffffffffffffffef, 0x8}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x7, 0x29, &(0x7f0000000080)=""/41, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x80000000, 0x3}, 0x10, 0xdce6, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r0]}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x6, 0x1, 0x300000, 0x1a10, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x5, 0x5, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7fffffff}, [@jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x40, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x3f}]}, &(0x7f0000000380)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x9, 0x8bb9}, 0x10, 0x1f2d1}, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f0000000140), 0x80) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x2, 0x2, 0x5, 0xa, 0xffffffffffffffef, 0x8}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x7, 0x29, &(0x7f0000000080)=""/41, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x80000000, 0x3}, 0x10, 0xdce6, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r0]}, 0x80) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x6, 0x1, 0x300000, 0x1a10, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x5, 0x5, 0x1}, 0x48) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7fffffff}, [@jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x40, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x3f}]}, &(0x7f0000000380)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x9, 0x8bb9}, 0x10, 0x1f2d1}, 0x80) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

14:33:03 executing program 0:
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x2, 0x2, 0x5, 0xa, 0xffffffffffffffef, 0x8}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x7, 0x29, &(0x7f0000000080)=""/41, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x80000000, 0x3}, 0x10, 0xdce6, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r0]}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x6, 0x1, 0x300000, 0x1a10, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x5, 0x5, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7fffffff}, [@jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x40, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x3f}]}, &(0x7f0000000380)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x9, 0x8bb9}, 0x10, 0x1f2d1}, 0x80)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f0000000140), 0x80) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_ext={0x1c, 0x3, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x2, 0x2, 0x5, 0xa, 0xffffffffffffffef, 0x8}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1}], &(0x7f0000000040)='GPL\x00', 0x7, 0x29, &(0x7f0000000080)=""/41, 0x41000, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x80000000, 0x3}, 0x10, 0xdce6, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r0]}, 0x80) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x6, 0x1, 0x300000, 0x1a10, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x5, 0x5, 0x1}, 0x48) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_ext={0x1c, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7fffffff}, [@jmp={0x5, 0x1, 0x4, 0x1, 0x7, 0x40, 0x1}, @map_val={0x18, 0xb, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x3f}]}, &(0x7f0000000380)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0x9, 0x8bb9}, 0x10, 0x1f2d1}, 0x80) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

[ 1334.312887][T24766] FAULT_INJECTION: forcing a failure.
[ 1334.312887][T24766] name failslab, interval 1, probability 0, space 0, times 0
[ 1334.331224][T24766] CPU: 1 PID: 24766 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1334.342948][T24766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1334.352993][T24766] Call Trace:
[ 1334.356279][T24766]  dump_stack_lvl+0x1e2/0x24b
14:33:03 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

14:33:03 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) (async)

[ 1334.360964][T24766]  ? panic+0x7d7/0x7d7
[ 1334.365023][T24766]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1334.370464][T24766]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1334.376509][T24766]  dump_stack+0x15/0x17
[ 1334.380641][T24766]  should_fail+0x3c0/0x510
[ 1334.385029][T24766]  __should_failslab+0x9f/0xe0
[ 1334.389782][T24766]  should_failslab+0x9/0x20
[ 1334.394288][T24766]  kmem_cache_alloc+0x3f/0x300
[ 1334.399053][T24766]  ? __kernfs_new_node+0xdb/0x6e0
[ 1334.404051][T24766]  __kernfs_new_node+0xdb/0x6e0
[ 1334.408887][T24766]  ? __kasan_check_write+0x14/0x20
[ 1334.413998][T24766]  ? mutex_lock+0xb2/0x1e0
[ 1334.418405][T24766]  ? mutex_trylock+0x180/0x180
[ 1334.423148][T24766]  ? kernfs_new_node+0x170/0x170
[ 1334.428057][T24766]  ? __kasan_check_write+0x14/0x20
[ 1334.433141][T24766]  ? mutex_unlock+0x29/0xf0
[ 1334.437629][T24766]  ? kernfs_activate+0x409/0x420
[ 1334.442559][T24766]  kernfs_new_node+0x97/0x170
[ 1334.447225][T24766]  __kernfs_create_file+0x4a/0x270
[ 1334.452312][T24766]  sysfs_add_file_mode_ns+0x273/0x320
[ 1334.457832][T24766]  internal_create_group+0x55e/0xf50
[ 1334.463089][T24766]  ? sysfs_create_group+0x30/0x30
[ 1334.468082][T24766]  ? kernfs_put+0x48/0x540
[ 1334.472469][T24766]  ? kernfs_create_link+0x1a0/0x210
[ 1334.477661][T24766]  sysfs_create_groups+0x5d/0x130
[ 1334.482660][T24766]  device_add_attrs+0x8b/0x3e0
[ 1334.487397][T24766]  ? device_add_class_symlinks+0x27c/0x2a0
[ 1334.493208][T24766]  device_add+0x4e6/0xbd0
[ 1334.497520][T24766]  device_create+0x258/0x2e0
[ 1334.502088][T24766]  ? root_device_unregister+0x80/0x80
[ 1334.507439][T24766]  ? number+0xd9b/0x1040
[ 1334.511663][T24766]  bdi_register_va+0x94/0x600
[ 1334.516311][T24766]  bdi_register+0xd1/0x120
[ 1334.520724][T24766]  ? __device_add_disk+0x536/0x11d0
[ 1334.525890][T24766]  ? bdi_register_va+0x600/0x600
[ 1334.530800][T24766]  ? vsnprintf+0x1bfd/0x1cd0
[ 1334.535370][T24766]  ? __kasan_check_read+0x11/0x20
[ 1334.540372][T24766]  ? blk_alloc_devt+0xd4/0x320
[ 1334.545114][T24766]  __device_add_disk+0x5cb/0x11d0
[ 1334.550114][T24766]  ? device_add_disk+0x40/0x40
[ 1334.554852][T24766]  ? loop_add+0x380/0x760
[ 1334.559152][T24766]  ? vsprintf+0x40/0x40
[ 1334.563282][T24766]  device_add_disk+0x2a/0x40
[ 1334.567846][T24766]  loop_add+0x58f/0x760
[ 1334.571975][T24766]  loop_control_ioctl+0x564/0x740
[ 1334.576971][T24766]  ? loop_remove+0xb0/0xb0
[ 1334.581363][T24766]  ? __fget_files+0x310/0x370
[ 1334.586035][T24766]  ? security_file_ioctl+0xb1/0xd0
[ 1334.591119][T24766]  ? loop_remove+0xb0/0xb0
[ 1334.595508][T24766]  __se_sys_ioctl+0x115/0x190
[ 1334.600168][T24766]  __x64_sys_ioctl+0x7b/0x90
[ 1334.604736][T24766]  do_syscall_64+0x34/0x70
[ 1334.609124][T24766]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1334.615002][T24766] RIP: 0033:0x7f77b238e0d9
[ 1334.619396][T24766] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1334.638974][T24766] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1334.647361][T24766] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1334.656174][T24766] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1334.664119][T24766] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1334.672156][T24766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1334.680201][T24766] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1334.689021][T24766] ------------[ cut here ]------------
[ 1334.694500][T24766] WARNING: CPU: 1 PID: 24766 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1334.703704][T24766] Modules linked in:
[ 1334.707654][T24766] CPU: 1 PID: 24766 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1334.719364][T24766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1334.729442][T24766] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1334.735244][T24766] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1334.755032][T24766] RSP: 0018:ffffc9000633fbc0 EFLAGS: 00010283
[ 1334.761350][T24766] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1334.769432][T24766] RDX: ffffc90001b10000 RSI: 0000000000034eee RDI: 0000000000034eef
[ 1334.777502][T24766] RBP: ffffc9000633fd08 R08: ffffffff82410506 R09: ffffc9000633f610
[ 1334.785552][T24766] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1334.793561][T24766] R13: ffff888113e85000 R14: ffff888113e81338 R15: ffff888113e81000
[ 1334.801667][T24766] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1334.810657][T24766] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1334.817411][T24766] CR2: 00007f77b10bdcc0 CR3: 000000011d501000 CR4: 00000000003506a0
[ 1334.825412][T24766] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1334.833452][T24766] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1334.841453][T24766] Call Trace:
[ 1334.844754][T24766]  ? device_add_disk+0x40/0x40
[ 1334.849560][T24766]  ? loop_add+0x380/0x760
[ 1334.853967][T24766]  ? vsprintf+0x40/0x40
[ 1334.858154][T24766]  device_add_disk+0x2a/0x40
[ 1334.862765][T24766]  loop_add+0x58f/0x760
[ 1334.866953][T24766]  loop_control_ioctl+0x564/0x740
[ 1334.871998][T24766]  ? loop_remove+0xb0/0xb0
[ 1334.876440][T24766]  ? __fget_files+0x310/0x370
[ 1334.881120][T24766]  ? security_file_ioctl+0xb1/0xd0
[ 1334.886265][T24766]  ? loop_remove+0xb0/0xb0
[ 1334.890696][T24766]  __se_sys_ioctl+0x115/0x190
[ 1334.895362][T24766]  __x64_sys_ioctl+0x7b/0x90
[ 1334.899972][T24766]  do_syscall_64+0x34/0x70
[ 1334.904401][T24766]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1334.910346][T24766] RIP: 0033:0x7f77b238e0d9
[ 1334.914770][T24766] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1334.934419][T24766] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1334.942856][T24766] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1334.950930][T24766] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1334.958916][T24766] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1334.966893][T24766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1334.974858][T24766] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1334.982849][T24766] ---[ end trace 36e3028cd67c66d9 ]---
[ 1334.996015][   T23] kauditd_printk_skb: 3 callbacks suppressed
[ 1334.996027][   T23] audit: type=1326 audit(1669991584.449:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24806 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1335.025509][   T23] audit: type=1326 audit(1669991584.449:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24806 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
[ 1335.049213][   T23] audit: type=1326 audit(1669991584.449:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24806 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
[ 1335.057450][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1335.073625][   T23] audit: type=1326 audit(1669991584.499:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24806 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:33:04 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0x56, 0x0, 0x40}]})
syz_genetlink_get_family_id$fou(&(0x7f0000000000), 0xffffffffffffffff)

14:33:04 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

14:33:04 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x21000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:04 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 51)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:04 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x7, &(0x7f0000000080)=[{0xff, 0x20, 0x8, 0x80000001}, {0xffff, 0x88, 0x3, 0x9}, {0x0, 0x3f, 0x8}, {0x3ff, 0x1, 0x57, 0x6}, {0x400, 0x40, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x8}, {0x2f2d, 0x8, 0xff, 0x40000}]})
timer_gettime(0x0, &(0x7f0000000040))

[ 1335.266009][T24818] FAULT_INJECTION: forcing a failure.
[ 1335.266009][T24818] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1335.289316][T24818] CPU: 1 PID: 24818 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1335.301046][T24818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1335.311088][T24818] Call Trace:
[ 1335.314363][T24818]  dump_stack_lvl+0x1e2/0x24b
[ 1335.319028][T24818]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1335.324892][T24818]  ? __kasan_check_write+0x14/0x20
[ 1335.329975][T24818]  dump_stack+0x15/0x17
[ 1335.334102][T24818]  should_fail+0x3c0/0x510
[ 1335.338486][T24818]  should_fail_alloc_page+0x50/0x60
[ 1335.343654][T24818]  __alloc_pages_nodemask+0x1c0/0x890
[ 1335.348997][T24818]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1335.354512][T24818]  allocate_slab+0x78/0x540
[ 1335.358999][T24818]  ___slab_alloc+0x131/0x2e0
[ 1335.363586][T24818]  ? __kernfs_new_node+0xdb/0x6e0
[ 1335.368599][T24818]  __slab_alloc+0x63/0xa0
[ 1335.372990][T24818]  ? __kernfs_new_node+0xdb/0x6e0
[ 1335.377983][T24818]  kmem_cache_alloc+0x1ef/0x300
[ 1335.382808][T24818]  ? __kernfs_new_node+0xdb/0x6e0
[ 1335.387805][T24818]  __kernfs_new_node+0xdb/0x6e0
[ 1335.392644][T24818]  ? kernfs_activate+0x409/0x420
[ 1335.397552][T24818]  ? kernfs_new_node+0x170/0x170
[ 1335.402535][T24818]  ? kernfs_add_one+0x4c5/0x5e0
[ 1335.407356][T24818]  ? __kernfs_create_file+0x1fb/0x270
[ 1335.412698][T24818]  ? __kasan_check_write+0x14/0x20
[ 1335.417785][T24818]  kernfs_create_dir_ns+0x9b/0x230
[ 1335.422867][T24818]  internal_create_group+0x29d/0xf50
[ 1335.428144][T24818]  ? sysfs_create_group+0x30/0x30
[ 1335.433145][T24818]  ? kernfs_put+0x48/0x540
[ 1335.437530][T24818]  ? sysfs_create_group+0x30/0x30
[ 1335.442521][T24818]  ? kernfs_create_link+0x1a0/0x210
[ 1335.447691][T24818]  sysfs_create_group+0x1f/0x30
[ 1335.452542][T24818]  dpm_sysfs_add+0x5d/0x290
[ 1335.457015][T24818]  device_add+0x52c/0xbd0
[ 1335.461315][T24818]  device_create+0x258/0x2e0
[ 1335.465876][T24818]  ? root_device_unregister+0x80/0x80
[ 1335.471224][T24818]  ? number+0xd9b/0x1040
[ 1335.475523][T24818]  bdi_register_va+0x94/0x600
[ 1335.480181][T24818]  bdi_register+0xd1/0x120
[ 1335.484568][T24818]  ? __device_add_disk+0x536/0x11d0
[ 1335.489741][T24818]  ? bdi_register_va+0x600/0x600
[ 1335.494747][T24818]  ? vsnprintf+0x1bfd/0x1cd0
[ 1335.499314][T24818]  ? __kasan_check_read+0x11/0x20
[ 1335.504310][T24818]  ? blk_alloc_devt+0xd4/0x320
[ 1335.509043][T24818]  __device_add_disk+0x5cb/0x11d0
[ 1335.514041][T24818]  ? device_add_disk+0x40/0x40
[ 1335.518784][T24818]  ? loop_add+0x380/0x760
[ 1335.523081][T24818]  ? vsprintf+0x40/0x40
[ 1335.527207][T24818]  device_add_disk+0x2a/0x40
[ 1335.531771][T24818]  loop_add+0x58f/0x760
[ 1335.535897][T24818]  loop_control_ioctl+0x564/0x740
[ 1335.540889][T24818]  ? loop_remove+0xb0/0xb0
[ 1335.545276][T24818]  ? __fget_files+0x310/0x370
[ 1335.549925][T24818]  ? security_file_ioctl+0xb1/0xd0
[ 1335.555012][T24818]  ? loop_remove+0xb0/0xb0
[ 1335.559579][T24818]  __se_sys_ioctl+0x115/0x190
[ 1335.564225][T24818]  __x64_sys_ioctl+0x7b/0x90
[ 1335.568792][T24818]  do_syscall_64+0x34/0x70
[ 1335.573179][T24818]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1335.579041][T24818] RIP: 0033:0x7f77b238e0d9
[ 1335.583517][T24818] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1335.603092][T24818] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1335.611477][T24818] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1335.619422][T24818] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1335.627372][T24818] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1335.635317][T24818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1335.643264][T24818] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1335.677520][T24823] udevd[24823]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
14:33:06 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$igmp(0x2, 0x3, 0x2) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r1, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x1c}}, 0x0) (async)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000002180)={&(0x7f0000002200)={0x20a8, r2, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x40, 0x6b}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x1f}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x286}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}], @NL80211_ATTR_CSA_IES={0x1360, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_FTM_RESPONDER={0x278, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x69, 0x2, "3a4f1323d6d5e79f353e199bc7b3538a21c2e1ed1d3efe7abd81ba6091fff072ebd4e973db5e6764b06d61a52c70a11a6e86e58b0a1dd4cb2106b264132b32732c7c904d5b072c7c2015f9acb604cf8e4fcf81e3240871623a95491a2463bcdb190a7539b1"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x83, 0x3, "2a0de473d5ca5a521411cda2d23d91939583743356f2d53f581f9dedb0f4343f334526bc7b148e197e5b99a8b227d31324f01562e7d7507ea241cf002da85fbf7284c65995cb9d478e02d952fe35008490ee6f57e58711f31a8cd2e1acf54ab7f4b058e3c78e32cdfece2ac3f0685b48ce3e3a6539e8fb390a1b4757abf1bd"}, @NL80211_FTM_RESP_ATTR_LCI={0xdb, 0x2, "a479ec7af5d55fdf46d7c5f5a824dd5e15ea79b21c2f8ef2849121567a1da5036a3418513a6731e507897ba27e6f0aabf75eca799907cc637a0ec82a3d622befb74aa5ed182e378c60fae239bc310a78da9c9cc9f28c0a54d203f98ca62ed0130fd9965df52f1a39ddb738cd63a142b146bc08fc415ad50280795fd9523cb6d84912fa2793f21a015d71c4a718019e6811dedb2f11d515b586bf9a3c9bd8d2401cce5469e60cb6d01cc0523d961d37572e59fe15fcc59e365a96c23496ca123fc6ef6d8f0ac53a6ea750ca2e27110c53a0a0c8339ad60a"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xa7, 0x3, "95693636fb79800fcd53eb05cfa721e0017f43fce5c1c42ffb3d0fea8814573966578ab1abfc96875eaa1dbc4ba2b01b898d9d3ad33054022dcd066adef35e032ea5bf149855d3afc690b43cec92f5793d32d01e924e85c2eea47908a7a9dcac026748bda4e8227e3c3da8821c8f92c9dfe6e29a41b54746baf802b546ca769c02f9494e4f62fa2e5e8207612dd3014c17940b6323fd6c33dcce5077f6530080b72b64"}]}, @NL80211_ATTR_PROBE_RESP={0x500, 0x91, "d9f0d942afa1ad3285d686fb56cb6fbf17f117ba1b0ceff669e64de6a137bb3823ad67cd4cffbdac1bb0711389d6e6156c094265ac8727b03c221d6e27d8cba4b0e69753a52b493c291ecd80921a07277bd8129ae6d6aef3b4d9013da948cf877fd257d6eb5c0c7653981dfd7d481f4403ed479c7d93d215631d5ed8ae64e2feac046d9c4d2edb304d3e66878b527d7bbd2777741f593b8161322d552b0306ee6fe2cd5a132cd007b3e2a5907286fef4e0424d5d04c102ec901db086de0cd55175e817123c4f43f6af036ad5e82f6535002d39b3b68a5b86bcab1ca69a3fda7a3c739b79610e34c7027e2abd51079983834e1ef21bfe3f7b7437d364c2d5daf399d1708a6322c33ea1422d07a34fa14d651753053166ec52209e04bd88b7c551f9d3222232f5a88cc05c73573a733bb5c5cadc37e15bd8530a10df8c4c668e1fe3d0aa8517f24430ac7e7df270a8512b7e03234e2bef3d4463bc11e781ef8bccce93d9b103f7b48922c6af16f22f0869c31bab2917082a61e03aa5d4cd99087282990a7ff3abecd02a60e3fc0e09faa43343cf7fdb141e48bf5804a0f532a248a9e53883c8c0f904b5fc0938931fed55d1127737914a274a88c2aff97c7855a615c044cda000a6c4b0c018ed95c995eaa9af4e6e9cedfb408d376114f2a47a07e51cb7c650f15e8cdbbfd8eaac041eced83fa1403875a7899ab145bb718df32b79fd8b51c239918e00372578ddca7d84cf45d4d7d320c7ab611f7f6baf256b30df2ef63ae7cca7a19a6658fdc03dfe90c895d61c6b80450a87eebbf65f9ca10fb711e17143447fd5bf3dedaeddc35ce11f6388d5e98a1bed56e7bd5285f5e22b1c5746d2f0d822c31ae9b768b2f0afa2bde54df4bef2ee1e706fac504eae682c162ae8f728d4b44611514d2eaab4af757bc4feb6071b5b29f347ce0ad4daadaa8bca9675ab245047678cd996bbfd591d20bc801e5a76b3aeddb639b28062a66d2829e962939ec07be3a6c02c419bbc58935d5cc16073160ae20f98c65177c742ef164c9c9d771d497ff3beec67701f382f5c91d61f8b73c0bf091404eeb3f38db0a699b56c097d5b6b4042b8417082d46dc65a8f12c52622abb0bd0384b31cf26ce6571027161677afccf5679b145a6c5d18e1adc54353634db70cf33c9ab83a03630e382b9f484789b1ac0cfdf820245dd603fc6f83bff30c93a1af84b7b7f5b38feeebf8acc9bc3084ee60a226424843705d7839dc2b42621ea6401f7842a876e0087fea677eae7be3c7e7c48a632df6f362ca530127bf57f1dd999538d39246254a16a94b4b08a7713a3fb226062badaf18c264e969b40378745a8547c927b1f96d83160fffd5748dcd2be289cb6a88d353016abeffa0b5887a8ec64a0d3ef19edd506c4d44406bc50ba7cf4c1cfb85be9627b1bbc0dda28394b41f0ab8c91e67e05997198f28bcc841a824db08c59f27de2bff9454051e1b3abe3096179794b294fa90b98ad7e2c49e52cc1a9dc5a2bb55f4fe2257a3ae10e0e70c161c408814df329e23cf2e2225a1b8f85a699179a4a347add329e3f9cf6c1e9af0249921e827c6360111c02b320b7f7a013c863b8766c10bc0582bdbb0f09e860d5621763aaa4544e07dc5a8bb1b667d1d080b3d4dfc73003072059d37d9268365991b3fd864a60ed2d6e7fd459fbb5df11af2f6cefb33a0c439a2ef65c3bf3495522283f381089b86ad839ebbe0274b35ea870dfeee2c76052d6f4520de1bda4bb5e29471cb7cd51f0511f202b7244276c08903f055e46cc877388839d0df"}, @NL80211_ATTR_PROBE_RESP={0x76c, 0x91, "414c0102276a7b1950b17928d8859e863acf4ac76ddef67bc20aca4831ef898a72c9c01037acde477b5aedefaaf5f173f46ea6c36ce67b8af0ca945c8ddbee58f26c1c6bd6976dfd48582c4f4c9c19ebffbe12e38e37372a8f6bece71937135a10512b2e94243c88ae8f1cc592607b78398b5d23bc71e835903397f4a96d93988dd8223707f7d0188cb3e17ab33a58e76f889744ca7cb5ae580135580b6e4b8528134978fcb74a43d61fa489f7f142d4d329cec6e37b9ff5237214e7ce81e5b9f4e06a806a26dec665e576dd9593e06cbbe5c7c80fa145fb00a08edd6067157ed993f5b3a9530c08a2a53e78abd5f73b1e7dfddf5c02d09c4c5d150906ae4d06fe30b7d01ea9c378820688a8a557dedf982bb5b606a0dfd69f977ba1d9d2f3229d49cf203bfbac225e4bd634d104428af530c961c6bf266c0ec6682ce149d242e042b2e72f32f1235a3ce78fe24b711609ad2cf90e592c211d5210f56db37d7282194e3aa05679df4e6b74b18741163f5aa5a5304caf5efbb944a6b45a44f47609f2153506810f3b02aad15c9664c28797b030c5e617d8b824a2d02203c81a8b869357c667f01e6da7b26bc6d2b0129233fb3c2d71cb2468dec7433eabe018090bd53a8ef115861e6f25af9b2355e8a6c5b538965c1a177d4d733c9854cf3e26b09b638d71cabdac791ea8991aae64897f0905fb51e02c338c073f59b883399d4af154e4dda1a28bf93e7808ffd4aa81a7c36959bf846c82ac1858ab2b98d9e77b1ed83854c1810622d48202afd7c11f98a2763f665cd9c8fca901b8c942d0be601536da54c9764bae8586f12fd19eb7aea8b9ea706802d1a5d7348f55ff7fb3620bb0546489737cd3977ae97b0c3ab742cde0bc1996d23cea19b4a5a011cb88081bb6dcdd2af7da55a63451aa4bb8e9e4afb6821b820b000696075e3885bcb5f4b31c065d5315201150f11cbe1cb319499876e5fe9f1baed9939a84fee60a23e45e29d151ae54d2f7fb8cd59e2758529469f8f7ffda4b175207195809b6ee767fe7ed3f8d2d32a3302eedefd2adb7aeae48e02e0a267915adaf76b40766338c9dc98201b29b2303523091364afa580dc618b837607c97c6fe0e254689e48e9f611244d3809e4bd26823f6ee3e0c0594cc42e7e8da99bd81a6b0b1e369c5569bb28e55209272647c6e3a22ac8ec17eee3c5df492dd2465c3a9c38e8da07dd89de76679d89333e085d82d80d9e633df17df18c1b6f5436013144f3853bc6e2ed80011ee1cb7c5b83088c04e85aae39bc0b9d27c7c9c039606a0bed2159a7c8e982c9796e5b40da5663ded26e9a9aa9bc66220ad2a608975337321455fd03c8f363398d3163c787f69194e4421c5142565c9898f7581afa90d179db0e71a939d6144aa9efe780f154dc12363b0bdcc3e8526afadd35766e657450151f1b8ec383e41050f471e289420c8187548651af86687d9f6f3cdd60302cb956e3c16630364e201a6a94de69b06ebada9499c728b53559aa8a1ed971b9845a4bb4abe7d32b5302fd058b3984537a04f49cc91ce4fd5a5b889a700bfa5f084ad94da30c85ec8e09042d1347fb05f0121cb8e624bfe806150bf385d00b68d9d31d8ac72c01a5a35b8511678774982e79651e82b7d8ec77a77515478918db5da897918c77aa2fbd6efacd145134f458b26af01e739333d41e581074db7df4a3d717c7be9295efed1127511b4d30649caed0bc16b0bf3d2041354ecad0eb46983cdf3e532919d2e807f656ca07989ffb34bee5a33d27d8211fb2db980840f1be4c9819c367a81323842b60a276d87f7a7371e0f0e6c0682d6b7eb0de73ad76db3629d742f703eddc5b1ab47a221a9fbfd586b0d646fb598cddbf9a68498feed0d0406b3ff8ae80b3b42d936cf203a4cc733948ef8762be1fe105dda7f2cadf3e616035132c55aec9e27b93c4224c3f82115e4dfd588d625e098c7a24ecb45ae6d27675573f0ea5f93a62340d6a8d21fb1931f17b87754e79d1da02cb036f9f0329979bbad82184155d097e3c7dc0efceffc3508d94569de59cb8289f5abd6f8091ab44f7fc0d71aa3babe143b2e3cb778bd4a63aec8403d1792c96a5414e71b980341c7309ae3f3e4f22f0cb2663f3c2ad1539ec9ce525600fdfc027037802abd866089d7c16ba919a8e0e2c726ea4d090ab32b46d240e453e56d16949ca0fa19ed96ee4c9da2391aa9ce278566a3f1bcf884638954d5076654272cf74c2ec098ad3f86a002d1fa436bda72b69ae5c01071b5c47f3e0f0fbbe816319cb5777f4d18244d7b30b46ce60d587c02134c760c5b5f696c2b2ce2c6951b861345268e8d8f52fa42d9ecb82787421589e9d2305c177003c8ff4440fa3b4711d7f14118c46cdede94eb2c85166d7653c4f56d993f7b650a89fc58bdf9df7797a36dcd92a984d766d0380d496e9b9db708a60ad719d5a8169a7d40386b63f31c14f1bcdae85169bc24c92376f568a941e29e96ceb1e9eb6d45be615d6a3547a79e401b19c5a4e91a186bca2846adce4215bf7c0c516d8847c20affac8f9baf2e9aa67028be86869c54a4d012f7c9f621ea9be66ae824ae01f93f70a64d6f967b363ad026beafdeb7f426835587ccc1c8a6814be20b870772581d84e2f571255af6c5b5ca89920deb3e0071485271f33e9e24ad1f"}, @NL80211_ATTR_BEACON_TAIL={0x31, 0xf, [@ibss={0x6, 0x2, 0xffff}, @cf={0x4, 0x6, {0x1f, 0x33, 0x7, 0xffff}}, @ssid={0x0, 0x1f, @random="87d6e03562ca708db10a7f83d4721632113e094b59fad654c0cd2b967447f5"}]}, @NL80211_ATTR_IE_PROBE_RESP={0xd, 0x7f, [@mesh_config={0x71, 0x7, {0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x1, 0x8}}]}, @NL80211_ATTR_BEACON_HEAD={0x27b, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x5}, @broadcast, @device_a, @from_mac, {0x9, 0xaa}}, 0x6, @random=0x5, 0xc0, @void, @val={0x1, 0x7, [{0x4}, {0xc}, {0xc, 0x1}, {0x64}, {0xc}, {0x6}, {0x6, 0x1}]}, @void, @val={0x4, 0x6, {0x7f, 0x1, 0xfffd, 0xfffc}}, @void, @val={0x5, 0xfa, {0x81, 0x81, 0x7f, "e752ea264aaf9dc1c56799050fcca9918b2170a67607092db438eff14a09cce8f6af0fac39c2fcc7af8c003a2effe2f5f37efa88a586db5f8575244bc7d4567eb0906f84f31a4bc5d70f25a17bbb06ffd5da4de6fd0e60fec72e0aea594ee474cd44ce362e96481bf997a59abc7c523ee58fee627dfb6eccb9be90803f6af8c2d15bcf1b578448d29106596ac5dc19b1453a50c40efe880cd7514d0116e9cca067685997309dfe3a9d89e1241988fd8f3c9fe22c66134f6ec33121c6e3f07c32fc77f0b3d4e9336f56393b04ed93f20ad1455ad912f88e91dc8e24e07123c1aa06ebbb4f54b34103093dcb6f2fda768189edd614018067"}}, @val={0x25, 0x3, {0x1, 0xa5, 0x3}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x43, 0xb7, 0x95}}, @void, @void, @void, @val={0x76, 0x6, {0x2, 0x0, 0x1d, 0x1f}}, [{0xdd, 0xd, "8df90f4b2ed5243bbddb8b943c"}, {0xdd, 0x44, "cc38382410126506127f3f00acb25f5622e240e573f29b5024595caeeffc7b038dbe71c15287ea22dd611bb020aa232eacee87204da273f887af489f6de6a779f1779508"}, {0xdd, 0x89, "878e9db568a0a2f0a9c5c508a6384ca58de95d73628c67e5b4cfa802580234f7bb6e0fd6d6a4e92561c4f1dbf0d92f903ea8da76369cc2701643d93f1830d79aeb31e6959c85b91351a551707a9b3b7e9a47feeb56bd0a38836a005f21f373b8cd9c23dca9bd7a394a6bbcd5320e37b492e530e514d2bee2b3e35241d59651bf74bcb389c8457ff4d5"}, {0xdd, 0x4e, "c41eadd98234953a3317be3cc7b8671ad8036d58692d90aebc6139874b8c9792889d3aa58fb066ea32e2b191097d1f8531bbd54b2b44ea90c3842ec00936b52ee733bc4b2802d92fcc01e6e15e39"}]}}], @beacon_params=[@NL80211_ATTR_IE={0xa, 0x2a, [@peer_mgmt={0x75, 0x4, {0x0, 0x2, @void, @void, @void}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1ac, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb4, 0x1}}, @random={0x0, 0xbd, "a0fbb51731f30ca64fad927a5e271d8b7c0340a1dd2f0eae027b763715419e3d8ec6b4b2c7849ed859e2e341a772c70737e96b841f7daad39c4e348e105cc8a291e9b6c21c7784ed29009cfdd612a647a2000c7915e4c268cc3c768e1b8de74aac20770d7339b32f05748d582c90e5a673b5bfbcc794b4aece4b8579b69b32af5ae938cf753b9a03921d71ee7cb29d45b4a74c78d5082ac33062ea680ce872a0f1af9679218dba55c48345687d7b5f3543e6d83c1617b3d7e5940376cf"}, @erp={0x2a, 0x1, {0x1, 0x1}}, @random={0x3, 0x15, "8575bd3513fb90be825c11ea202a38ebe4ad1395b4"}, @channel_switch={0x25, 0x3, {0x1, 0x64}}, @random_vendor={0xdd, 0xba, "3ccf4e0910ab43006d91824f3cea1e8a30ebedfa5763072e6e10330e1e53cce5123f68de1ff1c187533d5bf1029785b8b497c43e0e5420ae2b18c9d177ebd4b5654f96d49fd424c26d53996156dac65c01558bef5d184f845d39bdd103f5ff0a0a62b5b1d7e21eff0a232dbd1766674a1d25f38797ada936a9c972dfb3a689032bd0d7594b5c4280a8055320bcff15f119cdf758d58f8c7f731e6d927c93e2ef6a6ae2d783f5365041752fed381c76449d05852195aa4cdf706d"}, @gcr_ga={0xbd, 0x6}]}]]}, @NL80211_ATTR_CSA_IES={0xcd8, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_BEACON_TAIL={0x1cf, 0xf, [@cf={0x4, 0x6, {0x20, 0x3f, 0x9, 0x40}}, @tim={0x5, 0x28, {0x0, 0x92, 0x8, "6ace953e1c12d35e75b3c882bdb348eda79ee1adb3f9c25d7ebd123765d12838dcac29e1cc"}}, @cf={0x4, 0x6, {0x8b, 0x0, 0xfa3, 0xffff}}, @random_vendor={0xdd, 0x46, "327207b56405b95836ef4ab485fe78ee21762f1651c29df1ef1f416bece25f21da4f9d0cee6f6126a15041068f0b5b2bade64f4b611d1d968665f553b4122dae0d9fa3f42da7"}, @random_vendor={0xdd, 0x73, "a7395e32480f03ab56205b18510b62ba43de6adaec53445388aecc5bde94aab7ad1af107116d9d1e0a9052a589370d6bee5199daf8b90db1a57b53aa5e8f4925fc2f09e3ff0f76e1c66ff1ace475ad89b0b337353644dad3604f1263c82c9a3daf93a35ee71204a3f32137cc9676e8a167409e"}, @random={0x2, 0xc4, "01cf5df34f300036f888eb03a0583bdbf112fdc6a48c8504bf52b89347fc382de58f556659c15e88126bf2ad6b0b90e8d65b07596cdae85e9ff47806bbf9fe017c968e8143e5f7fcf8db19620bb7fea89c9729b694d3656872a83afb500db96b3dfe6d40f82fecaeec4ff1a3298b872a799f4c139ba8a40dbd7a6b5fbc05a31847305dfe6484e7153c656b0afea23b79e55b9e4ceafafc590d5d60d8d42241f5107ea0a2375917032c483feda6aa6375295c331f9a14c66a76644b2a6e2100905dafebec"}, @cf={0x4, 0x6, {0x5, 0x80, 0x6}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0xb1, 0x3}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x1b, 0x80, [@link_id={0x65, 0x12, {@from_mac=@broadcast, @broadcast}}, @erp={0x2a, 0x1, {0x0, 0x1}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}, @NL80211_ATTR_FTM_RESPONDER={0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0xfb, 0x80, [@mesh_id={0x72, 0x6}, @ht={0x2d, 0x1a, {0x1000, 0x0, 0x3, 0x0, {0x1f, 0x5, 0x0, 0x77, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x1, 0x0, 0x1}}, @tim={0x5, 0xaa, {0x6, 0xa2, 0x1, "68310c98d8ce1bbc3e4f8751449cf1648575d2db50b03ad59e3a2528bca8480a0a7ccfaf99ea98de11b30740333e928d969e80fad2fc7fd708ea730493016dc0e3a346f9634e228f8ab399d2d64ffe8460a0a3d2c5a1113279ba831dadf33650e212f7e39d47f1bc8ac0f6b4ea25736f2a0a1bdc214e8f74d876f0854a013a6f8fe63fe7e20c228f20a95dbb4398274cd10e054531906f248a27722c8d5e446d4611be376fa8d6"}}, @prep={0x83, 0x25, @ext={{}, 0x5, 0x7, @device_b, 0x1f, @device_b, 0x7ff, 0x80, @device_a, 0x5}}]}, @NL80211_ATTR_IE_PROBE_RESP={0x9d, 0x7f, [@supported_rates, @ht={0x2d, 0x1a, {0x400, 0x1, 0x3, 0x0, {0xeb, 0x24, 0x0, 0x36, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x1, 0x7, 0x3}}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @random={0xff, 0x5c, "8bb24ca3950f5ca3d75cf52661fb07f2a30df8cfe5c256b003004166efd051324954f14c1b11de127223639a2d05ae614d3100cd371cd3cb4d0af29bd5ca2733490851f05ec53adc1088725d6a2664293982276496196c0103eaa372"}, @rann={0x7e, 0x15, {{0x0, 0x68}, 0x2, 0x2, @device_a, 0x8, 0x7fff, 0x5}}]}, @NL80211_ATTR_FTM_RESPONDER={0xd8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x99, 0x2, "3a6bf0bab7891d2e4b15a7366e58834cf7d46be144ad6604407876a03e531dbca32bfab334bade4f16972a1fb4ed06842820e8b11de8d7c3a93f55e20db14ec3b3feff886b3457a5b144a155fff8acef4aaa5da20e968b1f0530951c48f4c48596e99f0546e67152a2f53f5caded575167037015939830f20ccc03683ee1f7fa20f57333e43fc60aff83df820dc2c0cdc22c39f5a8"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x27, 0x3, "ae6488e80fffe0fe1287079f085c4590749615fc17a579c01de1e662a465056d1aa216"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_IE_PROBE_RESP={0x56, 0x7f, [@mesh_id={0x72, 0x6}, @erp={0x2a, 0x1}, @chsw_timing={0x68, 0x4, {0x0, 0x7}}, @peer_mgmt={0x75, 0x6, {0x0, 0x7bc4, @val=0x9, @void, @void}}, @rann={0x7e, 0x15, {{0x1, 0x1}, 0x7, 0x0, @device_a, 0x10040, 0x7, 0x2}}, @rann={0x7e, 0x15, {{0x0, 0x4c}, 0x5e, 0x6, @broadcast, 0x0, 0x3, 0x2}}, @erp={0x2a, 0x1, {0x1, 0x1, 0x1}}, @cf={0x4, 0x6, {0x2, 0xff, 0x3ff, 0x112b}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x249, 0x80, [@mesh_id={0x72, 0x6}, @fast_bss_trans={0x37, 0x83, {0x1, 0x3, "e23fa800254171511a6df67cecd8fed3", "a3c2c756e371afc7c97cd63c44fe03db9f2104fe906d04736a857c720108ddc9", "0503dcc4441d893ff2a6bb20ff43d69a576741e9a1ab9ecc945be4c91939b029", [{0x2, 0x1, "95"}, {0x3, 0x13, "f0fea7dd9cc729ec2e0b45412afc9fc1a43f20"}, {0x4, 0x17, "c36c0a2c401a692125d80c8bd8633ab5a98d9b640140fe"}]}}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}, @erp={0x2a, 0x1, {0x1}}, @random_vendor={0xdd, 0x5b, "603a41744b1ddcf2bcbf86570b40d5a0c1429a264b3f94658e0898c90b18e34e2a2236e9b8439b7be5a91f151be70194193959298f1c5ca0422b2e9a493539054e1d86e8e3eb6571de782948056b28e2a3bd6335d899c556256813"}, @tim={0x5, 0xdb, {0x4, 0x6f, 0xff, "52ec933f32ceca0a020571550454efc485d406af2b7be08840ee6e97c091424eb1db3a6ff77e932da121c028ff0f773f77bd924397fc098d84b2c64570fdf9260e53a30ce309e1cb0237072f636122591bd48f2bb71862516378b91b42ffa9151d8ea813715ff73bd526eedccd79d2663cd0fdcbe863ba08d65a86e54264d1491c12844a2c56560e7c3d1c84ce29041843f274eac331f142e376cfe33fc3719d480b96b8ea541089fe23cd79d4b1a1c855db9267aefa707526f8cef4039595a1a2973149c0b1174618f4e841f338e5cb77b66f72756c5150"}}, @ht={0x2d, 0x1a, {0x2, 0x1, 0x4, 0x0, {0x5, 0x1ffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x300, 0x8}}, @preq={0x82, 0x2b, @ext={{}, 0x2e, 0x8, 0x81, @device_a, 0x3f, @device_b, 0x0, 0x8, 0x1, [{{0x1}, @broadcast, 0x3ff}]}}, @prep={0x83, 0x25, @ext={{}, 0x1, 0x5, @broadcast, 0x9, @device_a, 0x3ff, 0x7}}, @gcr_ga={0xbd, 0x6}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xa, 0xbb, [0x1, 0x7, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x3, 0x0, 0x9, 0x7, 0xc145, 0x7, 0xffff, 0x12]}, @beacon_params=[@NL80211_ATTR_IE={0x10d, 0x2a, [@random={0x3, 0x1f, "698fc301aa23e42053399dc85dd3c931f25893039cd315850ccd56a942d5f0"}, @supported_rates={0x1, 0x6, [{0x30}, {0x36}, {0x2, 0x1}, {0x2}, {0x12, 0x1}, {0x6}]}, @perr={0x84, 0xa2, {0x3, 0xa, [@ext={{}, @device_a, 0x5bf5eff8, @device_b, 0x6}, @not_ext={{}, @device_a, 0x8, "", 0xd}, @not_ext={{}, @device_a, 0x5, "", 0x3c}, @ext={{}, @device_b, 0x9, @broadcast, 0x18}, @ext={{}, @broadcast, 0xffffff00, @device_b, 0xb}, @ext={{}, @device_a, 0x80000000, @device_a, 0x25}, @ext={{}, @device_a, 0xffc, @broadcast, 0x1d}, @not_ext={{}, @device_a, 0x5, "", 0x29}, @not_ext={{}, @device_b, 0x7f, "", 0x33}, @not_ext={{}, @broadcast, 0x4, "", 0x35}]}}, @supported_rates={0x1, 0x2, [{0x18}, {0x1b}]}, @random={0xfe, 0x11, "0506c7f043258d8199620b58cbaa3a37ff"}, @sec_chan_ofs={0x3e, 0x1, 0x3}, @mesh_id={0x72, 0x6}, @rann={0x7e, 0x15, {{0x1, 0x9}, 0x1, 0x20, @device_b, 0xfffffff9, 0x3, 0x7}}, @challenge={0x10, 0x1, 0x89}]}, @NL80211_ATTR_BEACON_TAIL={0xac, 0xf, [@gcr_ga={0xbd, 0x6, @broadcast}, @cf={0x4, 0x6, {0x8, 0x3, 0x6, 0x7}}, @measure_req={0x26, 0x8e, {0x2a, 0xf9, 0x7, "2e994e14c7a2793125eaaf7d52fb7a77a53c9b06b2532095499c5cd5a70fdaf35746bd395eb6dd0bfdcb2370c25983cb50c1f3e5f980aea658a9553f131be1d2d26f38311d5a27da8fe593fde5b6bef82cfd0a4de4a960441c751cbe531e4c2abf6a8722d2cc372e7695d2d70338008802f5d96af1d49e309482e3c98863544a310b0a05b9d24a92685c2c"}}, @ssid={0x0, 0x6, @default_ap_ssid}]}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0x3f, 0xffff, 0x0, 0x401, 0x800]}, @beacon_params=[@NL80211_ATTR_BEACON_HEAD={0x3c5, 0xe, {@wo_ht={{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1}, {0x30}, @broadcast, @broadcast, @from_mac, {0x8, 0xb72}}, 0x80, @random=0x7f, 0x8118, @void, @val={0x1, 0x6, [{0x3}, {0x6}, {0x48}, {0x6c}, {0xb, 0x1}, {0x6c}]}, @void, @val={0x4, 0x6, {0x0, 0xe2, 0xb2, 0x6}}, @void, @void, @val={0x25, 0x3, {0x1, 0x3, 0x9}}, @val={0x2a, 0x1, {0x1, 0x0, 0x1}}, @void, @void, @void, @void, @val={0x76, 0x6, {0x9a, 0x2, 0x17, 0x5}}, [{0xdd, 0x16, "15e9477f8908e7932e1ae3dc90331e71d38bb54fc14d"}, {0xdd, 0x23, "39773a8b283a8d04aea7a46dda5f5fae8cf3a1e885358d051b6c9cfe7d4fd5eb8b1967"}, {0xdd, 0xd3, "89bdc6120287fca0e762c2602b1631d7f17e6b52412a0450c6f2d2046e2db368378b24b315b838f5a882359703710d396f2d63a29714a1c9d3c45e24586950ce19c2979de659460282b9133a22825ebe0ccd90c504233b6b3f68e9d4a3ec4aae44fedd3f4c6656d81df3a919fe4896d856d86da0c0dc817f185a4e5361c9d591ac4a978edc0793a3e38df1da0d2878ab69b8530db95d6c6ae394752235e9c0f6a71d7945afaf413b006c037db27f4523e314c8a84d00f98f3504be759580e2f4550b4e38a69e38fb39188a6e0c583e4ab0684d"}, {0xdd, 0xb7, "5ce0ebcc2fa3e6d16a9e0f4572bc4ad2a51694d3d184a846962ef45f4e400f019a961fa74083f36f826dad2fa0f303d5016d3982cce7c0c8854e275e9fb8bb17ce2877c78bff1249a389557cab28aa35eea492d0e3dbb3b130317597e4bb1339ea170ae2d7f2206ab4dd0ad4db021ae0219c11c69ede113fe8b5c98189e79ace77570f39f61c52b915068898799b32b1c6a075a8ba53748e887ee7bbd484ec66714caefe59094abfe61839533bf9540f1216a125bca650"}, {0xdd, 0x6, "28f8f1141664"}, {0xdd, 0xb7, "70b67511c8dec6a25f43814aeb02aaa99734c1eeffc3e07c14142c191db92ba18e3cb2c4760f7b1851aeb97a50c6576311c04caf207ad96b4e9eb96e74dab61220ce6c297d6340c0b324e060b73697d241b15770f77e0769ae9c78a746bff5383fb3e1919a0b4fcfc21d69a5a151e8969b10c35c9be1e45ca1b9c90f40bbfbaa7dcfba9ee9a6216411a61f42c4ff625791ab67904668145de031fae9f8405f21cc471d66dcecbd35243e8829ed984ac597d679dba6a041"}, {0xdd, 0xef, "78019830f7879ddf05df9789717290938b6e966e5ebad29a223383910685f3eabbc636018d9347ac288028f7c00a0c6ee93d255b19cee4965c7b57f956459df6d30df5d9e6da004a1410a1c3aa14c095d86d5c66313df9abd8f76f86eb93332447a485564113936cd7ad39ae07df595461936ff5d71f4aa83afa5a4f665385f26f96fccfdeb2b165211685b2272303dd7ac10118be4304fbdb95a129ccf813c0dd3dcd211a2c4763e64130ed2625e2f34c27e981bf613bbc6561d6bdee63986a6a699f3186ec5510a6443f8f37efabda6067483cf41435ebdb13dc33578ab22864349ea4ea2e87359138fae4785acf"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0x14, 0xbb, [0x800, 0x7, 0x41, 0x8, 0x1, 0x8, 0x7, 0xcd]}]}]}, 0x20a8}, 0x1, 0x0, 0x0, 0x4044004}, 0x4000000) (async)
setsockopt$MRT_PIM(r0, 0x0, 0xcf, &(0x7f0000000040)=0x4, 0x4)

14:33:06 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r0, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000040)

14:33:06 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x22000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:06 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x7, &(0x7f0000000080)=[{0xff, 0x20, 0x8, 0x80000001}, {0xffff, 0x88, 0x3, 0x9}, {0x0, 0x3f, 0x8}, {0x3ff, 0x1, 0x57, 0x6}, {0x400, 0x40, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x8}, {0x2f2d, 0x8, 0xff, 0x40000}]})
timer_gettime(0x0, &(0x7f0000000040))

14:33:06 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0x56, 0x0, 0x40}]})
syz_genetlink_get_family_id$fou(&(0x7f0000000000), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0x56, 0x0, 0x40}]}) (async)
syz_genetlink_get_family_id$fou(&(0x7f0000000000), 0xffffffffffffffff) (async)

14:33:06 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 52)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1337.325243][T24830] FAULT_INJECTION: forcing a failure.
[ 1337.325243][T24830] name failslab, interval 1, probability 0, space 0, times 0
[ 1337.338659][T24830] CPU: 0 PID: 24830 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1337.339187][   T23] audit: type=1326 audit(1669991586.789:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24827 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:06 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0x56, 0x0, 0x40}]})
syz_genetlink_get_family_id$fou(&(0x7f0000000000), 0xffffffffffffffff)

[ 1337.350374][T24830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1337.350380][T24830] Call Trace:
[ 1337.350398][T24830]  dump_stack_lvl+0x1e2/0x24b
[ 1337.350419][T24830]  ? panic+0x7d7/0x7d7
[ 1337.395817][T24830]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1337.401250][T24830]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1337.407290][T24830]  dump_stack+0x15/0x17
[ 1337.411420][T24830]  should_fail+0x3c0/0x510
[ 1337.415808][T24830]  __should_failslab+0x9f/0xe0
[ 1337.420544][T24830]  should_failslab+0x9/0x20
[ 1337.425031][T24830]  kmem_cache_alloc+0x3f/0x300
[ 1337.429799][T24830]  ? __kernfs_new_node+0xdb/0x6e0
[ 1337.434796][T24830]  __kernfs_new_node+0xdb/0x6e0
[ 1337.439759][T24830]  ? __kasan_check_write+0x14/0x20
[ 1337.444847][T24830]  ? mutex_lock+0xb2/0x1e0
[ 1337.449239][T24830]  ? mutex_trylock+0x180/0x180
[ 1337.453986][T24830]  ? kernfs_new_node+0x170/0x170
[ 1337.458909][T24830]  ? __kasan_check_write+0x14/0x20
[ 1337.464005][T24830]  ? mutex_unlock+0x29/0xf0
[ 1337.468490][T24830]  ? kernfs_activate+0x409/0x420
[ 1337.473416][T24830]  kernfs_new_node+0x97/0x170
[ 1337.478069][T24830]  __kernfs_create_file+0x4a/0x270
[ 1337.483155][T24830]  sysfs_add_file_mode_ns+0x273/0x320
[ 1337.488506][T24830]  sysfs_merge_group+0x207/0x460
[ 1337.493415][T24830]  ? sysfs_remove_groups+0xb0/0xb0
[ 1337.498504][T24830]  dpm_sysfs_add+0xcf/0x290
[ 1337.502976][T24830]  device_add+0x52c/0xbd0
[ 1337.507275][T24830]  device_create+0x258/0x2e0
[ 1337.511834][T24830]  ? root_device_unregister+0x80/0x80
[ 1337.517180][T24830]  ? number+0xd9b/0x1040
[ 1337.521399][T24830]  bdi_register_va+0x94/0x600
[ 1337.526060][T24830]  bdi_register+0xd1/0x120
[ 1337.530471][T24830]  ? __device_add_disk+0x536/0x11d0
[ 1337.535647][T24830]  ? bdi_register_va+0x600/0x600
[ 1337.540560][T24830]  ? vsnprintf+0x1bfd/0x1cd0
[ 1337.545130][T24830]  ? __kasan_check_read+0x11/0x20
[ 1337.550216][T24830]  ? blk_alloc_devt+0xd4/0x320
[ 1337.555127][T24830]  __device_add_disk+0x5cb/0x11d0
[ 1337.560124][T24830]  ? device_add_disk+0x40/0x40
[ 1337.564860][T24830]  ? loop_add+0x380/0x760
[ 1337.569162][T24830]  ? vsprintf+0x40/0x40
[ 1337.573295][T24830]  device_add_disk+0x2a/0x40
[ 1337.577855][T24830]  loop_add+0x58f/0x760
[ 1337.581983][T24830]  loop_control_ioctl+0x564/0x740
[ 1337.586977][T24830]  ? loop_remove+0xb0/0xb0
[ 1337.591366][T24830]  ? __fget_files+0x310/0x370
[ 1337.596019][T24830]  ? security_file_ioctl+0xb1/0xd0
[ 1337.601109][T24830]  ? loop_remove+0xb0/0xb0
[ 1337.605500][T24830]  __se_sys_ioctl+0x115/0x190
[ 1337.610162][T24830]  __x64_sys_ioctl+0x7b/0x90
[ 1337.614724][T24830]  do_syscall_64+0x34/0x70
[ 1337.619113][T24830]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1337.624976][T24830] RIP: 0033:0x7f77b238e0d9
[ 1337.629365][T24830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1337.648941][T24830] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1337.657335][T24830] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1337.665283][T24830] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
14:33:07 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x7, &(0x7f0000000080)=[{0xff, 0x20, 0x8, 0x80000001}, {0xffff, 0x88, 0x3, 0x9}, {0x0, 0x3f, 0x8}, {0x3ff, 0x1, 0x57, 0x6}, {0x400, 0x40, 0x7, 0x3}, {0x0, 0x4, 0x9, 0x8}, {0x2f2d, 0x8, 0xff, 0x40000}]})
timer_gettime(0x0, &(0x7f0000000040))

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async, rerun: 64)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (rerun: 64)
ioctl$RTC_UIE_OFF(r0, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000040)

14:33:07 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x23000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1337.673232][T24830] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1337.681177][T24830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1337.689124][T24830] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1337.700279][   T23] audit: type=1326 audit(1669991587.149:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24827 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
r0 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r0, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x5c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000040)

[ 1337.711882][T24830] ------------[ cut here ]------------
[ 1337.731631][T24830] WARNING: CPU: 0 PID: 24830 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1337.745343][T24830] Modules linked in:
[ 1337.749357][T24830] CPU: 0 PID: 24830 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1337.762710][T24830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1337.772901][T24830] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1337.779067][T24830] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1337.802843][T24830] RSP: 0018:ffffc9000019fbc0 EFLAGS: 00010246
[ 1337.809026][T24830] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1337.817103][T24830] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
14:33:07 executing program 0:
getgroups(0x4, &(0x7f0000000000)=[0xee00, 0xee01, <r0=>0xee00, 0xffffffffffffffff])
getresgid(&(0x7f0000000040), &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0))
r2 = getgid()
getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=<r3=>0x0)
getgroups(0x8, &(0x7f0000000240)=[r0, 0xffffffffffffffff, 0xee00, r1, 0xee00, 0xee01, r2, r3])
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1337.825169][T24830] RBP: ffffc9000019fd08 R08: ffffffff82410506 R09: ffffc9000019f610
[ 1337.833247][T24830] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1337.841374][T24830] R13: ffff888111a04000 R14: ffff888111a06338 R15: ffff888111a06000
[ 1337.851229][T24830] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1337.863863][T24830] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1337.871489][T24830] CR2: 00007f30e4e98a48 CR3: 0000000118fd7000 CR4: 00000000003506b0
[ 1337.879577][T24830] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1337.887649][T24830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1337.895709][T24830] Call Trace:
[ 1337.899066][T24830]  ? device_add_disk+0x40/0x40
[ 1337.903889][T24830]  ? loop_add+0x380/0x760
[ 1337.908320][T24830]  ? vsprintf+0x40/0x40
[ 1337.912536][T24830]  device_add_disk+0x2a/0x40
[ 1337.917210][T24830]  loop_add+0x58f/0x760
[ 1337.921420][T24830]  loop_control_ioctl+0x564/0x740
[ 1337.926530][T24830]  ? loop_remove+0xb0/0xb0
[ 1337.931018][T24830]  ? __fget_files+0x310/0x370
[ 1337.935803][T24830]  ? security_file_ioctl+0xb1/0xd0
[ 1337.940960][T24830]  ? loop_remove+0xb0/0xb0
[ 1337.945417][T24830]  __se_sys_ioctl+0x115/0x190
[ 1337.950161][T24830]  __x64_sys_ioctl+0x7b/0x90
[ 1337.954792][T24830]  do_syscall_64+0x34/0x70
[ 1337.959279][T24830]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1337.965213][T24830] RIP: 0033:0x7f77b238e0d9
14:33:07 executing program 0:
getgroups(0x4, &(0x7f0000000000)=[0xee00, 0xee01, <r0=>0xee00, 0xffffffffffffffff])
getresgid(&(0x7f0000000040), &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0))
r2 = getgid()
getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=<r3=>0x0)
getgroups(0x8, &(0x7f0000000240)=[r0, 0xffffffffffffffff, 0xee00, r1, 0xee00, 0xee01, r2, r3])
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
getgroups(0x4, &(0x7f0000000000)=[0xee00, 0xee01, 0xee00, 0xffffffffffffffff]) (async)
getresgid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) (async)
getgid() (async)
getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)) (async)
getgroups(0x8, &(0x7f0000000240)=[r0, 0xffffffffffffffff, 0xee00, r1, 0xee00, 0xee01, r2, r3]) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

[ 1337.969709][T24830] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1337.989396][T24830] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1337.997911][T24830] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1338.015837][T24830] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
14:33:07 executing program 0:
getgroups(0x4, &(0x7f0000000000)=[0xee00, 0xee01, <r0=>0xee00, 0xffffffffffffffff])
getresgid(&(0x7f0000000040), &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)) (async, rerun: 32)
r2 = getgid() (async, rerun: 32)
getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=<r3=>0x0)
getgroups(0x8, &(0x7f0000000240)=[r0, 0xffffffffffffffff, 0xee00, r1, 0xee00, 0xee01, r2, r3]) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1338.031407][T24830] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1338.055517][T24830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1338.073750][T24830] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket(0x5, 0x4, 0x5)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000000140))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000002c0)={0xcc, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x48c0)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
r0 = socket(0x5, 0x4, 0x5)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000000140))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000002c0)={0xcc, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x48c0)

14:33:07 executing program 1:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, 0x0, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000b00)={'batadv_slave_0\x00', <r4=>0x0})
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000bc0)={'ip6_vti0\x00', &(0x7f0000000b40)={'syztnl0\x00', <r8=>r2, 0x29, 0x5, 0x2, 0x100, 0x63, @remote, @private2, 0x7, 0x20, 0xf1d, 0x4}})
sendmsg$ETHTOOL_MSG_EEE_GET(r3, &(0x7f0000000d40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xd4, 0x0, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40}, 0x4000800)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r9=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbdf250a00000008000600", @ANYRES32=r9, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000080)={'tunl0\x00', <r13=>0x0, 0x80, 0x781f, 0x3f, 0x400, {{0x39, 0x4, 0x2, 0x9, 0xe4, 0x67, 0x0, 0x1, 0x4, 0x0, @empty, @local, {[@timestamp_prespec={0x44, 0x2c, 0x2a, 0x3, 0x7, [{@multicast1, 0x2}, {@loopback, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@local, 0x2}, {@remote, 0xbc}]}, @end, @ssrr={0x89, 0x13, 0x98, [@loopback, @private=0xa010101, @private=0xa010102, @empty]}, @end, @timestamp_addr={0x44, 0x3c, 0x6e, 0x1, 0x4, [{@local, 0x9}, {@local, 0x401}, {@remote, 0x2}, {@remote, 0x5}, {@private=0xa010102, 0x3}, {@local, 0xac}, {@rand_addr=0x64010101, 0x5}]}, @ssrr={0x89, 0x13, 0xdf, [@broadcast, @loopback, @remote, @multicast2]}, @generic={0x44, 0x5, "977750"}, @timestamp_addr={0x44, 0x1c, 0xf8, 0x1, 0x9, [{@empty, 0x1}, {@broadcast, 0x8}, {@multicast2, 0x9}]}, @end, @ssrr={0x89, 0x1b, 0x56, [@local, @local, @empty, @dev={0xac, 0x14, 0x14, 0x2c}, @rand_addr=0x64010101, @multicast1]}]}}}}})
timer_create(0x0, &(0x7f0000000940)={0x0, 0x34, 0xc94b205b7aeb398a, @thr={&(0x7f0000000780)="29942104130e2fe2a40547dd2cfa284ef0b4fe69b89294e46c1a653df170b540ba87fdbbcffe8cd2f5a0096627c9a53ed1f82b08fa4be8f0e42be7740c887a79c6b0753e71f6c180d119bb5ca61d2efde5791d5f4db6bdb33276bba61a4520b38adb0e9368a1e0699bc77faba66aec5506e16b01366000219592613d37035a4791c8b8b16056a7", &(0x7f0000000840)="dbf702c391eb9e9cd10a5d263133dd5f4ef2da38c2eb13ba6ab2a63615605204ed2c1237d25cad14d5bb734e9f17db9818d90170747cd4d517079de94d3f28e25403fa3bef54ad940650a11d60aad1c2d4c700d30904ae6226fac4eee161caad22d99d16ab7173603e154d0bb39fcd879b57c8cf9770cf2fde8d488f3d8299d399215be76ebea221cfb581e495fda9ecf1670ca9c9934598cf96c30dfacf6f99456d3f599165f07d2be4615e64ead3d3eb1e135a636b2b8517ca7b671db1eaba1fe327eb917cf833a5bc25f63a7d542023aab8f2f26ae98a413c44060a881b9905fdd087b53354004005b3458702b170cc8b52d75c34b9e92d09e622e068"}}, &(0x7f0000000980)=<r14=>0x0)
clock_gettime(0x0, &(0x7f00000009c0)={<r15=>0x0, <r16=>0x0})
timer_settime(r14, 0x1, &(0x7f0000000a00)={{0x77359400}, {r15, r16+10000000}}, &(0x7f0000000a40))
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="bc010000", @ANYRES16=r0, @ANYBLOB="000427bd7000fbdbdf250300000008000100", @ANYRES32=r9, @ANYBLOB="a800028064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000034000400030009015204000006000609010000000400049402000000030009f7010000000200050120000000760ae5040004000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r12, @ANYBLOB="080007000000000008000100", @ANYRES32=0x0, @ANYBLOB="f000028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400070000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3c000100240001008f7365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x1bc}, 0x1, 0x0, 0x0, 0x20040821}, 0x410)

14:33:07 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 53)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1338.093874][T24830] ---[ end trace 36e3028cd67c66da ]---
[ 1338.153545][T24871] FAULT_INJECTION: forcing a failure.
[ 1338.153545][T24871] name failslab, interval 1, probability 0, space 0, times 0
[ 1338.154828][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1338.166264][T24871] CPU: 1 PID: 24871 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1338.187492][T24871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1338.197540][T24871] Call Trace:
14:33:07 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='objagg_destroy\x00'}, 0x10)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket(0x5, 0x4, 0x5)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000000140))
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000002c0)={0xcc, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x48c0)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
socket(0x5, 0x4, 0x5) (async)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (async)
ioctl$RTC_UIE_OFF(r2, 0x7004) (async)
ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000000140)) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000002c0)={0xcc, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_LINK={0x8, 0x1, r4}, @GTPA_FLOW={0x6}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x48c0) (async)

14:33:07 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x101}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffae}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8080}, 0x40000)

14:33:07 executing program 1:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, 0x0, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000b00)={'batadv_slave_0\x00', <r4=>0x0}) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000bc0)={'ip6_vti0\x00', &(0x7f0000000b40)={'syztnl0\x00', <r8=>r2, 0x29, 0x5, 0x2, 0x100, 0x63, @remote, @private2, 0x7, 0x20, 0xf1d, 0x4}})
sendmsg$ETHTOOL_MSG_EEE_GET(r3, &(0x7f0000000d40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xd4, 0x0, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40}, 0x4000800) (async)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r9=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbdf250a00000008000600", @ANYRES32=r9, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000080)={'tunl0\x00', <r13=>0x0, 0x80, 0x781f, 0x3f, 0x400, {{0x39, 0x4, 0x2, 0x9, 0xe4, 0x67, 0x0, 0x1, 0x4, 0x0, @empty, @local, {[@timestamp_prespec={0x44, 0x2c, 0x2a, 0x3, 0x7, [{@multicast1, 0x2}, {@loopback, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@local, 0x2}, {@remote, 0xbc}]}, @end, @ssrr={0x89, 0x13, 0x98, [@loopback, @private=0xa010101, @private=0xa010102, @empty]}, @end, @timestamp_addr={0x44, 0x3c, 0x6e, 0x1, 0x4, [{@local, 0x9}, {@local, 0x401}, {@remote, 0x2}, {@remote, 0x5}, {@private=0xa010102, 0x3}, {@local, 0xac}, {@rand_addr=0x64010101, 0x5}]}, @ssrr={0x89, 0x13, 0xdf, [@broadcast, @loopback, @remote, @multicast2]}, @generic={0x44, 0x5, "977750"}, @timestamp_addr={0x44, 0x1c, 0xf8, 0x1, 0x9, [{@empty, 0x1}, {@broadcast, 0x8}, {@multicast2, 0x9}]}, @end, @ssrr={0x89, 0x1b, 0x56, [@local, @local, @empty, @dev={0xac, 0x14, 0x14, 0x2c}, @rand_addr=0x64010101, @multicast1]}]}}}}}) (async)
timer_create(0x0, &(0x7f0000000940)={0x0, 0x34, 0xc94b205b7aeb398a, @thr={&(0x7f0000000780)="29942104130e2fe2a40547dd2cfa284ef0b4fe69b89294e46c1a653df170b540ba87fdbbcffe8cd2f5a0096627c9a53ed1f82b08fa4be8f0e42be7740c887a79c6b0753e71f6c180d119bb5ca61d2efde5791d5f4db6bdb33276bba61a4520b38adb0e9368a1e0699bc77faba66aec5506e16b01366000219592613d37035a4791c8b8b16056a7", &(0x7f0000000840)="dbf702c391eb9e9cd10a5d263133dd5f4ef2da38c2eb13ba6ab2a63615605204ed2c1237d25cad14d5bb734e9f17db9818d90170747cd4d517079de94d3f28e25403fa3bef54ad940650a11d60aad1c2d4c700d30904ae6226fac4eee161caad22d99d16ab7173603e154d0bb39fcd879b57c8cf9770cf2fde8d488f3d8299d399215be76ebea221cfb581e495fda9ecf1670ca9c9934598cf96c30dfacf6f99456d3f599165f07d2be4615e64ead3d3eb1e135a636b2b8517ca7b671db1eaba1fe327eb917cf833a5bc25f63a7d542023aab8f2f26ae98a413c44060a881b9905fdd087b53354004005b3458702b170cc8b52d75c34b9e92d09e622e068"}}, &(0x7f0000000980)=<r14=>0x0) (async)
clock_gettime(0x0, &(0x7f00000009c0)={<r15=>0x0, <r16=>0x0})
timer_settime(r14, 0x1, &(0x7f0000000a00)={{0x77359400}, {r15, r16+10000000}}, &(0x7f0000000a40)) (async)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="bc010000", @ANYRES16=r0, @ANYBLOB="000427bd7000fbdbdf250300000008000100", @ANYRES32=r9, @ANYBLOB="a800028064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000034000400030009015204000006000609010000000400049402000000030009f7010000000200050120000000760ae5040004000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r12, @ANYBLOB="080007000000000008000100", @ANYRES32=0x0, @ANYBLOB="f000028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400070000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3c000100240001008f7365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x1bc}, 0x1, 0x0, 0x0, 0x20040821}, 0x410)

14:33:07 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x100000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)=0x6)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)=0x6)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async, rerun: 32)
ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)=0x6) (rerun: 32)

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x0, 0xff, 0x6, @vifc_lcl_addr=@empty, @loopback}, 0x10)
r1 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r1, 0x7004)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
syz_open_dev$rtc(&(0x7f0000000080), 0x9, 0x2400c0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040))

[ 1338.200831][T24871]  dump_stack_lvl+0x1e2/0x24b
[ 1338.205509][T24871]  ? panic+0x7d7/0x7d7
[ 1338.209599][T24871]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1338.215057][T24871]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1338.221121][T24871]  dump_stack+0x15/0x17
[ 1338.225272][T24871]  should_fail+0x3c0/0x510
[ 1338.229683][T24871]  __should_failslab+0x9f/0xe0
[ 1338.234444][T24871]  should_failslab+0x9/0x20
[ 1338.239005][T24871]  kmem_cache_alloc+0x3f/0x300
[ 1338.243777][T24871]  ? __kernfs_new_node+0xdb/0x6e0
[ 1338.248792][T24871]  __kernfs_new_node+0xdb/0x6e0
14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x0, 0xff, 0x6, @vifc_lcl_addr=@empty, @loopback}, 0x10) (async)
r1 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2) (async)
syz_open_dev$rtc(&(0x7f0000000080), 0x9, 0x2400c0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040))

14:33:07 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x0, 0xff, 0x6, @vifc_lcl_addr=@empty, @loopback}, 0x10) (async)
r1 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async, rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
syz_open_dev$rtc(&(0x7f0000000080), 0x9, 0x2400c0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000180)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040))

[ 1338.253636][T24871]  ? __kasan_check_write+0x14/0x20
[ 1338.258736][T24871]  ? mutex_lock+0xb2/0x1e0
[ 1338.263140][T24871]  ? mutex_trylock+0x180/0x180
[ 1338.267901][T24871]  ? kernfs_new_node+0x170/0x170
[ 1338.272933][T24871]  ? __kasan_check_write+0x14/0x20
[ 1338.278042][T24871]  ? mutex_unlock+0x29/0xf0
[ 1338.282544][T24871]  ? kernfs_activate+0x409/0x420
[ 1338.287479][T24871]  kernfs_new_node+0x97/0x170
[ 1338.292159][T24871]  __kernfs_create_file+0x4a/0x270
[ 1338.297260][T24871]  sysfs_add_file_mode_ns+0x273/0x320
[ 1338.302603][T24871]  sysfs_merge_group+0x207/0x460
[ 1338.307514][T24871]  ? sysfs_remove_groups+0xb0/0xb0
[ 1338.312597][T24871]  dpm_sysfs_add+0xcf/0x290
[ 1338.317071][T24871]  device_add+0x52c/0xbd0
[ 1338.321367][T24871]  device_create+0x258/0x2e0
[ 1338.325943][T24871]  ? root_device_unregister+0x80/0x80
[ 1338.331298][T24871]  ? number+0xd9b/0x1040
[ 1338.335516][T24871]  bdi_register_va+0x94/0x600
[ 1338.340159][T24871]  bdi_register+0xd1/0x120
[ 1338.344544][T24871]  ? __device_add_disk+0x536/0x11d0
[ 1338.349711][T24871]  ? bdi_register_va+0x600/0x600
[ 1338.354617][T24871]  ? vsnprintf+0x1bfd/0x1cd0
[ 1338.359181][T24871]  ? __kasan_check_read+0x11/0x20
[ 1338.364172][T24871]  ? blk_alloc_devt+0xd4/0x320
[ 1338.368903][T24871]  __device_add_disk+0x5cb/0x11d0
[ 1338.373898][T24871]  ? device_add_disk+0x40/0x40
[ 1338.378629][T24871]  ? loop_add+0x380/0x760
[ 1338.382925][T24871]  ? vsprintf+0x40/0x40
[ 1338.387051][T24871]  device_add_disk+0x2a/0x40
[ 1338.391608][T24871]  loop_add+0x58f/0x760
[ 1338.395736][T24871]  loop_control_ioctl+0x564/0x740
[ 1338.400739][T24871]  ? loop_remove+0xb0/0xb0
[ 1338.405136][T24871]  ? __fget_files+0x310/0x370
[ 1338.409785][T24871]  ? security_file_ioctl+0xb1/0xd0
[ 1338.414865][T24871]  ? loop_remove+0xb0/0xb0
[ 1338.419250][T24871]  __se_sys_ioctl+0x115/0x190
[ 1338.423897][T24871]  __x64_sys_ioctl+0x7b/0x90
[ 1338.428459][T24871]  do_syscall_64+0x34/0x70
[ 1338.432845][T24871]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1338.438713][T24871] RIP: 0033:0x7f77b238e0d9
[ 1338.443100][T24871] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1338.462674][T24871] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1338.471054][T24871] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1338.478996][T24871] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1338.486939][T24871] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1338.494883][T24871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1338.502822][T24871] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1338.512441][T24871] ------------[ cut here ]------------
[ 1338.517989][T24871] WARNING: CPU: 1 PID: 24871 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1338.527224][T24871] Modules linked in:
[ 1338.531110][T24871] CPU: 1 PID: 24871 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1338.543091][T24871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1338.553204][T24871] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1338.559010][T24871] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1338.578944][T24871] RSP: 0018:ffffc900063afbc0 EFLAGS: 00010246
[ 1338.585016][T24871] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1338.593040][T24871] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1338.601041][T24871] RBP: ffffc900063afd08 R08: ffffffff82410506 R09: ffffc900063af610
[ 1338.609015][T24871] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1338.616998][T24871] R13: ffff88810fa5d000 R14: ffff88810a928338 R15: ffff88810a928000
[ 1338.624944][T24871] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1338.633872][T24871] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1338.640486][T24871] CR2: 00007f77b10bf718 CR3: 000000012e3ad000 CR4: 00000000003506a0
[ 1338.648459][T24871] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1338.656443][T24871] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1338.664393][T24871] Call Trace:
[ 1338.667690][T24871]  ? device_add_disk+0x40/0x40
[ 1338.672445][T24871]  ? loop_add+0x380/0x760
[ 1338.676824][T24871]  ? vsprintf+0x40/0x40
[ 1338.681145][T24871]  device_add_disk+0x2a/0x40
[ 1338.685768][T24871]  loop_add+0x58f/0x760
[ 1338.689918][T24871]  loop_control_ioctl+0x564/0x740
[ 1338.695088][T24871]  ? loop_remove+0xb0/0xb0
[ 1338.699611][T24871]  ? __fget_files+0x310/0x370
[ 1338.704378][T24871]  ? security_file_ioctl+0xb1/0xd0
[ 1338.709498][T24871]  ? loop_remove+0xb0/0xb0
[ 1338.713906][T24871]  __se_sys_ioctl+0x115/0x190
[ 1338.718585][T24871]  __x64_sys_ioctl+0x7b/0x90
[ 1338.723164][T24871]  do_syscall_64+0x34/0x70
[ 1338.727585][T24871]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1338.733463][T24871] RIP: 0033:0x7f77b238e0d9
[ 1338.737889][T24871] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1338.757516][T24871] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1338.765938][T24871] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1338.773898][T24871] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1338.781879][T24871] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1338.789854][T24871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1338.797843][T24871] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1338.805843][T24871] ---[ end trace 36e3028cd67c66db ]---
[ 1338.830924][   T23] audit: type=1326 audit(1669991588.279:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24915 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1338.855272][   T23] audit: type=1326 audit(1669991588.279:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24910 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1338.882650][   T23] audit: type=1326 audit(1669991588.329:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24915 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:33:08 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 54)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1338.953839][T24923] FAULT_INJECTION: forcing a failure.
[ 1338.953839][T24923] name failslab, interval 1, probability 0, space 0, times 0
[ 1338.966618][T24923] CPU: 0 PID: 24923 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1338.978327][T24923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1338.988386][T24923] Call Trace:
[ 1338.991679][T24923]  dump_stack_lvl+0x1e2/0x24b
[ 1338.996362][T24923]  ? panic+0x7d7/0x7d7
[ 1339.000429][T24923]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1339.005970][T24923]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1339.012034][T24923]  dump_stack+0x15/0x17
[ 1339.016192][T24923]  should_fail+0x3c0/0x510
[ 1339.020603][T24923]  __should_failslab+0x9f/0xe0
[ 1339.025364][T24923]  should_failslab+0x9/0x20
[ 1339.029859][T24923]  kmem_cache_alloc+0x3f/0x300
[ 1339.034617][T24923]  ? __kernfs_new_node+0xdb/0x6e0
[ 1339.039638][T24923]  __kernfs_new_node+0xdb/0x6e0
[ 1339.044484][T24923]  ? __kasan_check_write+0x14/0x20
[ 1339.049593][T24923]  ? mutex_lock+0xb2/0x1e0
[ 1339.054006][T24923]  ? mutex_trylock+0x180/0x180
[ 1339.058772][T24923]  ? kernfs_new_node+0x170/0x170
[ 1339.063707][T24923]  ? __kasan_check_write+0x14/0x20
[ 1339.068811][T24923]  ? mutex_unlock+0x29/0xf0
[ 1339.073309][T24923]  ? kernfs_activate+0x409/0x420
[ 1339.078243][T24923]  kernfs_new_node+0x97/0x170
[ 1339.082916][T24923]  __kernfs_create_file+0x4a/0x270
[ 1339.088025][T24923]  sysfs_add_file_mode_ns+0x273/0x320
[ 1339.093495][T24923]  sysfs_merge_group+0x207/0x460
[ 1339.098444][T24923]  ? sysfs_remove_groups+0xb0/0xb0
[ 1339.103554][T24923]  dpm_sysfs_add+0xcf/0x290
[ 1339.108054][T24923]  device_add+0x52c/0xbd0
[ 1339.112382][T24923]  device_create+0x258/0x2e0
[ 1339.116973][T24923]  ? root_device_unregister+0x80/0x80
[ 1339.122343][T24923]  ? number+0xd9b/0x1040
[ 1339.126581][T24923]  bdi_register_va+0x94/0x600
[ 1339.131253][T24923]  bdi_register+0xd1/0x120
[ 1339.135665][T24923]  ? __device_add_disk+0x536/0x11d0
[ 1339.140858][T24923]  ? bdi_register_va+0x600/0x600
[ 1339.145793][T24923]  ? vsnprintf+0x1bfd/0x1cd0
[ 1339.150380][T24923]  ? __kasan_check_read+0x11/0x20
[ 1339.155391][T24923]  ? blk_alloc_devt+0xd4/0x320
[ 1339.160219][T24923]  __device_add_disk+0x5cb/0x11d0
[ 1339.165235][T24923]  ? device_add_disk+0x40/0x40
[ 1339.169985][T24923]  ? loop_add+0x380/0x760
[ 1339.174291][T24923]  ? vsprintf+0x40/0x40
[ 1339.178426][T24923]  device_add_disk+0x2a/0x40
[ 1339.182997][T24923]  loop_add+0x58f/0x760
[ 1339.187164][T24923]  loop_control_ioctl+0x564/0x740
[ 1339.192163][T24923]  ? loop_remove+0xb0/0xb0
[ 1339.196555][T24923]  ? __fget_files+0x310/0x370
[ 1339.201232][T24923]  ? security_file_ioctl+0xb1/0xd0
[ 1339.206329][T24923]  ? loop_remove+0xb0/0xb0
[ 1339.210721][T24923]  __se_sys_ioctl+0x115/0x190
[ 1339.215369][T24923]  __x64_sys_ioctl+0x7b/0x90
[ 1339.219941][T24923]  do_syscall_64+0x34/0x70
[ 1339.224340][T24923]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1339.230292][T24923] RIP: 0033:0x7f77b238e0d9
[ 1339.234686][T24923] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1339.254265][T24923] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1339.262651][T24923] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1339.270596][T24923] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1339.278629][T24923] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1339.286658][T24923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1339.294605][T24923] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:08 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='objagg_destroy\x00'}, 0x10)

14:33:08 executing program 0:
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

[ 1339.304136][T24923] ------------[ cut here ]------------
[ 1339.310108][T24923] WARNING: CPU: 1 PID: 24923 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1339.325984][T24923] Modules linked in:
[ 1339.329952][T24923] CPU: 1 PID: 24923 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1339.341771][T24923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1339.351924][T24923] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1339.357992][T24923] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1339.377867][T24923] RSP: 0018:ffffc9000627fbc0 EFLAGS: 00010287
[ 1339.383999][T24923] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1339.392153][T24923] RDX: ffffc90001b10000 RSI: 00000000000300da RDI: 00000000000300db
[ 1339.400215][T24923] RBP: ffffc9000627fd08 R08: ffffffff82410506 R09: ffffc9000627f610
[ 1339.408278][T24923] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1339.416337][T24923] R13: ffff88811a984000 R14: ffff88811a983338 R15: ffff88811a983000
[ 1339.424366][T24923] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1339.433378][T24923] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1339.440019][T24923] CR2: 00007f77b10bdcc0 CR3: 00000001115dd000 CR4: 00000000003506b0
[ 1339.448078][T24923] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1339.456102][T24923] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1339.464084][T24923] Call Trace:
[ 1339.467405][T24923]  ? device_add_disk+0x40/0x40
[ 1339.472198][T24923]  ? loop_add+0x380/0x760
[ 1339.476564][T24923]  ? vsprintf+0x40/0x40
[ 1339.480737][T24923]  device_add_disk+0x2a/0x40
[ 1339.485334][T24923]  loop_add+0x58f/0x760
[ 1339.489524][T24923]  loop_control_ioctl+0x564/0x740
[ 1339.494570][T24923]  ? loop_remove+0xb0/0xb0
[ 1339.499028][T24923]  ? __fget_files+0x310/0x370
[ 1339.503719][T24923]  ? security_file_ioctl+0xb1/0xd0
[ 1339.508861][T24923]  ? loop_remove+0xb0/0xb0
[ 1339.513302][T24923]  __se_sys_ioctl+0x115/0x190
[ 1339.518006][T24923]  __x64_sys_ioctl+0x7b/0x90
[ 1339.522633][T24923]  do_syscall_64+0x34/0x70
[ 1339.527092][T24923]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1339.533002][T24923] RIP: 0033:0x7f77b238e0d9
[ 1339.537454][T24923] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1339.557170][T24923] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1339.565717][T24923] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1339.573719][T24923] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1339.581741][T24923] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1339.589777][T24923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1339.597804][T24923] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1339.605804][T24923] ---[ end trace 36e3028cd67c66dc ]---
14:33:09 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x101}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffae}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8080}, 0x40000)

14:33:09 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x200000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:09 executing program 1:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0}) (rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r3) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000740)={0x40, 0x0, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000b00)={'batadv_slave_0\x00', <r4=>0x0}) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r7=>0x0}) (rerun: 64)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r6, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000bc0)={'ip6_vti0\x00', &(0x7f0000000b40)={'syztnl0\x00', <r8=>r2, 0x29, 0x5, 0x2, 0x100, 0x63, @remote, @private2, 0x7, 0x20, 0xf1d, 0x4}}) (rerun: 64)
sendmsg$ETHTOOL_MSG_EEE_GET(r3, &(0x7f0000000d40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xd4, 0x0, 0x8, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40}, 0x4000800) (async)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r9=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbdf250a00000008000600", @ANYRES32=r9, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
r10 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r10, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r10, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r12=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r11, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000080)={'tunl0\x00', <r13=>0x0, 0x80, 0x781f, 0x3f, 0x400, {{0x39, 0x4, 0x2, 0x9, 0xe4, 0x67, 0x0, 0x1, 0x4, 0x0, @empty, @local, {[@timestamp_prespec={0x44, 0x2c, 0x2a, 0x3, 0x7, [{@multicast1, 0x2}, {@loopback, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@local, 0x2}, {@remote, 0xbc}]}, @end, @ssrr={0x89, 0x13, 0x98, [@loopback, @private=0xa010101, @private=0xa010102, @empty]}, @end, @timestamp_addr={0x44, 0x3c, 0x6e, 0x1, 0x4, [{@local, 0x9}, {@local, 0x401}, {@remote, 0x2}, {@remote, 0x5}, {@private=0xa010102, 0x3}, {@local, 0xac}, {@rand_addr=0x64010101, 0x5}]}, @ssrr={0x89, 0x13, 0xdf, [@broadcast, @loopback, @remote, @multicast2]}, @generic={0x44, 0x5, "977750"}, @timestamp_addr={0x44, 0x1c, 0xf8, 0x1, 0x9, [{@empty, 0x1}, {@broadcast, 0x8}, {@multicast2, 0x9}]}, @end, @ssrr={0x89, 0x1b, 0x56, [@local, @local, @empty, @dev={0xac, 0x14, 0x14, 0x2c}, @rand_addr=0x64010101, @multicast1]}]}}}}}) (rerun: 64)
timer_create(0x0, &(0x7f0000000940)={0x0, 0x34, 0xc94b205b7aeb398a, @thr={&(0x7f0000000780)="29942104130e2fe2a40547dd2cfa284ef0b4fe69b89294e46c1a653df170b540ba87fdbbcffe8cd2f5a0096627c9a53ed1f82b08fa4be8f0e42be7740c887a79c6b0753e71f6c180d119bb5ca61d2efde5791d5f4db6bdb33276bba61a4520b38adb0e9368a1e0699bc77faba66aec5506e16b01366000219592613d37035a4791c8b8b16056a7", &(0x7f0000000840)="dbf702c391eb9e9cd10a5d263133dd5f4ef2da38c2eb13ba6ab2a63615605204ed2c1237d25cad14d5bb734e9f17db9818d90170747cd4d517079de94d3f28e25403fa3bef54ad940650a11d60aad1c2d4c700d30904ae6226fac4eee161caad22d99d16ab7173603e154d0bb39fcd879b57c8cf9770cf2fde8d488f3d8299d399215be76ebea221cfb581e495fda9ecf1670ca9c9934598cf96c30dfacf6f99456d3f599165f07d2be4615e64ead3d3eb1e135a636b2b8517ca7b671db1eaba1fe327eb917cf833a5bc25f63a7d542023aab8f2f26ae98a413c44060a881b9905fdd087b53354004005b3458702b170cc8b52d75c34b9e92d09e622e068"}}, &(0x7f0000000980)=<r14=>0x0) (async)
clock_gettime(0x0, &(0x7f00000009c0)={<r15=>0x0, <r16=>0x0})
timer_settime(r14, 0x1, &(0x7f0000000a00)={{0x77359400}, {r15, r16+10000000}}, &(0x7f0000000a40)) (async)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="bc010000", @ANYRES16=r0, @ANYBLOB="000427bd7000fbdbdf250300000008000100", @ANYRES32=r9, @ANYBLOB="a800028064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000034000400030009015204000006000609010000000400049402000000030009f7010000000200050120000000760ae5040004000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r12, @ANYBLOB="080007000000000008000100", @ANYRES32=0x0, @ANYBLOB="f000028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400070000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3c000100240001008f7365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x1bc}, 0x1, 0x0, 0x0, 0x20040821}, 0x410)

14:33:09 executing program 0:
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

14:33:09 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 55)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:09 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x300000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1339.647021][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1339.662438][   T23] audit: type=1326 audit(1669991589.109:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24928 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
14:33:09 executing program 0:
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000000))

14:33:09 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x80, r7, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)={0xa0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xece715fc6058dc21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xa0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
setsockopt$MRT_DEL_VIF(r2, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x8, 0x2, 0x8, @vifc_lcl_ifindex=r5, @local}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x7b)

14:33:09 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000))
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:09 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1339.700201][T24944] FAULT_INJECTION: forcing a failure.
[ 1339.700201][T24944] name failslab, interval 1, probability 0, space 0, times 0
[ 1339.713579][T24944] CPU: 0 PID: 24944 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1339.725296][T24944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1339.735349][T24944] Call Trace:
[ 1339.738644][T24944]  dump_stack_lvl+0x1e2/0x24b
[ 1339.743316][T24944]  ? panic+0x7d7/0x7d7
[ 1339.747365][T24944]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1339.752800][T24944]  ? selinux_kernfs_init_security+0x1a8/0x760
[ 1339.758841][T24944]  dump_stack+0x15/0x17
[ 1339.762970][T24944]  should_fail+0x3c0/0x510
[ 1339.767362][T24944]  __should_failslab+0x9f/0xe0
[ 1339.772097][T24944]  should_failslab+0x9/0x20
[ 1339.776568][T24944]  kmem_cache_alloc+0x3f/0x300
[ 1339.781301][T24944]  ? __kernfs_new_node+0xdb/0x6e0
[ 1339.786295][T24944]  __kernfs_new_node+0xdb/0x6e0
[ 1339.791114][T24944]  ? __kasan_check_write+0x14/0x20
[ 1339.796194][T24944]  ? mutex_lock+0xb2/0x1e0
[ 1339.800580][T24944]  ? mutex_trylock+0x180/0x180
[ 1339.805414][T24944]  ? kernfs_new_node+0x170/0x170
[ 1339.810324][T24944]  ? __kasan_check_write+0x14/0x20
[ 1339.815679][T24944]  ? mutex_unlock+0x29/0xf0
[ 1339.820159][T24944]  ? kernfs_activate+0x409/0x420
[ 1339.825070][T24944]  kernfs_new_node+0x97/0x170
[ 1339.829725][T24944]  __kernfs_create_file+0x4a/0x270
[ 1339.834812][T24944]  sysfs_add_file_mode_ns+0x273/0x320
[ 1339.840163][T24944]  sysfs_merge_group+0x207/0x460
[ 1339.845080][T24944]  ? sysfs_remove_groups+0xb0/0xb0
[ 1339.850167][T24944]  dpm_sysfs_add+0xcf/0x290
[ 1339.854645][T24944]  device_add+0x52c/0xbd0
[ 1339.858948][T24944]  device_create+0x258/0x2e0
[ 1339.863520][T24944]  ? root_device_unregister+0x80/0x80
[ 1339.868869][T24944]  ? number+0xd9b/0x1040
[ 1339.873097][T24944]  bdi_register_va+0x94/0x600
[ 1339.877749][T24944]  bdi_register+0xd1/0x120
[ 1339.882160][T24944]  ? __device_add_disk+0x536/0x11d0
[ 1339.887337][T24944]  ? bdi_register_va+0x600/0x600
[ 1339.892337][T24944]  ? vsnprintf+0x1bfd/0x1cd0
[ 1339.896906][T24944]  ? __kasan_check_read+0x11/0x20
[ 1339.901906][T24944]  ? blk_alloc_devt+0xd4/0x320
[ 1339.906646][T24944]  __device_add_disk+0x5cb/0x11d0
[ 1339.911649][T24944]  ? device_add_disk+0x40/0x40
[ 1339.916387][T24944]  ? loop_add+0x380/0x760
[ 1339.920692][T24944]  ? vsprintf+0x40/0x40
[ 1339.924824][T24944]  device_add_disk+0x2a/0x40
[ 1339.929392][T24944]  loop_add+0x58f/0x760
[ 1339.933524][T24944]  loop_control_ioctl+0x564/0x740
[ 1339.938523][T24944]  ? loop_remove+0xb0/0xb0
[ 1339.942916][T24944]  ? __fget_files+0x310/0x370
[ 1339.947569][T24944]  ? security_file_ioctl+0xb1/0xd0
[ 1339.952655][T24944]  ? loop_remove+0xb0/0xb0
[ 1339.957048][T24944]  __se_sys_ioctl+0x115/0x190
[ 1339.961698][T24944]  __x64_sys_ioctl+0x7b/0x90
[ 1339.966374][T24944]  do_syscall_64+0x34/0x70
[ 1339.970766][T24944]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1339.976632][T24944] RIP: 0033:0x7f77b238e0d9
[ 1339.981030][T24944] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1340.000612][T24944] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1340.009005][T24944] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1340.016956][T24944] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1340.024904][T24944] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1340.032854][T24944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1340.040801][T24944] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1340.051912][T24944] ------------[ cut here ]------------
[ 1340.057535][T24944] WARNING: CPU: 1 PID: 24944 at block/genhd.c:821 __device_add_disk+0xe7c/0x11d0
[ 1340.067116][T24944] Modules linked in:
[ 1340.071115][T24944] CPU: 1 PID: 24944 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1340.083016][T24944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1340.093266][T24944] RIP: 0010:__device_add_disk+0xe7c/0x11d0
[ 1340.099209][T24944] Code: ff ff e8 37 d6 2b ff 0f 0b e9 28 f3 ff ff e8 2b d6 2b ff 0f 0b 42 80 3c 33 00 0f 85 db f8 ff ff e9 de f8 ff ff e8 14 d6 2b ff <0f> 0b e9 60 f7 ff ff e8 08 d6 2b ff e9 13 ff ff ff 44 89 f1 80 e1
[ 1340.119267][T24944] RSP: 0018:ffffc90000c17bc0 EFLAGS: 00010287
[ 1340.125334][T24944] RAX: ffffffff82410dac RBX: 00000000fffffff4 RCX: 0000000000040000
[ 1340.133506][T24944] RDX: ffffc90001b10000 RSI: 000000000003084f RDI: 0000000000030850
[ 1340.141659][T24944] RBP: ffffc90000c17d08 R08: ffffffff82410506 R09: ffffc90000c17610
[ 1340.149759][T24944] R10: 0000000000000013 R11: ffffffff84c00596 R12: 0000000000000007
[ 1340.157869][T24944] R13: ffff888112bdf000 R14: ffff888112bd9338 R15: ffff888112bd9000
[ 1340.165926][T24944] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1340.174832][T24944] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1340.181473][T24944] CR2: 00007ffda4912c08 CR3: 0000000124fd5000 CR4: 00000000003506a0
[ 1340.189525][T24944] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1340.197563][T24944] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1340.205619][T24944] Call Trace:
[ 1340.209015][T24944]  ? device_add_disk+0x40/0x40
[ 1340.213868][T24944]  ? loop_add+0x380/0x760
[ 1340.215491][   T23] kauditd_printk_skb: 2 callbacks suppressed
[ 1340.215502][   T23] audit: type=1326 audit(1669991589.659:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24928 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1340.218295][T24944]  ? vsprintf+0x40/0x40
[ 1340.251867][T24944]  device_add_disk+0x2a/0x40
[ 1340.256592][T24944]  loop_add+0x58f/0x760
[ 1340.260873][T24944]  loop_control_ioctl+0x564/0x740
[ 1340.266040][T24944]  ? loop_remove+0xb0/0xb0
[ 1340.270565][T24944]  ? __fget_files+0x310/0x370
[ 1340.275349][T24944]  ? security_file_ioctl+0xb1/0xd0
[ 1340.280598][T24944]  ? loop_remove+0xb0/0xb0
[ 1340.285122][T24944]  __se_sys_ioctl+0x115/0x190
[ 1340.289926][T24944]  __x64_sys_ioctl+0x7b/0x90
[ 1340.294615][T24944]  do_syscall_64+0x34/0x70
[ 1340.299139][T24944]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1340.305126][T24944] RIP: 0033:0x7f77b238e0d9
[ 1340.309648][T24944] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1340.329427][T24944] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1340.337974][T24944] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1340.346084][T24944] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1340.354182][T24944] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1340.362284][T24944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1340.370439][T24944] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1340.378548][T24944] ---[ end trace 36e3028cd67c66dd ]---
14:33:09 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='objagg_destroy\x00'}, 0x10)

14:33:09 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1340.398883][   T23] audit: type=1326 audit(1669991589.849:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24958 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1340.448501][   T23] audit: type=1326 audit(1669991589.899:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24958 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:09 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x101}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffae}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8080}, 0x40000)

14:33:09 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x400000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:09 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 56)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:09 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040))
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x4, 0x3, 0x3, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)

14:33:10 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040)) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x4, 0x3, 0x3, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)

14:33:10 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x500000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1340.524686][T24968] FAULT_INJECTION: forcing a failure.
[ 1340.524686][T24968] name failslab, interval 1, probability 0, space 0, times 0
[ 1340.552862][T24968] CPU: 1 PID: 24968 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1340.564595][T24968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1340.574647][T24968] Call Trace:
[ 1340.577942][T24968]  dump_stack_lvl+0x1e2/0x24b
[ 1340.582617][T24968]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1340.588069][T24968]  ? kernfs_add_one+0x4c5/0x5e0
[ 1340.592912][T24968]  dump_stack+0x15/0x17
[ 1340.597060][T24968]  should_fail+0x3c0/0x510
[ 1340.601470][T24968]  ? kobject_uevent_env+0x26c/0x730
[ 1340.606662][T24968]  __should_failslab+0x9f/0xe0
[ 1340.611421][T24968]  should_failslab+0x9/0x20
[ 1340.615920][T24968]  kmem_cache_alloc_trace+0x3a/0x330
[ 1340.621312][T24968]  ? __kasan_check_write+0x14/0x20
[ 1340.626426][T24968]  ? mutex_lock+0xb2/0x1e0
[ 1340.630837][T24968]  ? dev_uevent_filter+0xb0/0xb0
[ 1340.635772][T24968]  kobject_uevent_env+0x26c/0x730
[ 1340.640792][T24968]  ? __kasan_check_write+0x14/0x20
[ 1340.645895][T24968]  kobject_uevent+0x1f/0x30
[ 1340.650389][T24968]  device_add+0x79c/0xbd0
[ 1340.654713][T24968]  device_create+0x258/0x2e0
[ 1340.659312][T24968]  ? root_device_unregister+0x80/0x80
[ 1340.664682][T24968]  ? number+0xd9b/0x1040
[ 1340.668930][T24968]  bdi_register_va+0x94/0x600
[ 1340.673604][T24968]  bdi_register+0xd1/0x120
[ 1340.678030][T24968]  ? __device_add_disk+0x536/0x11d0
[ 1340.683226][T24968]  ? bdi_register_va+0x600/0x600
[ 1340.688164][T24968]  ? vsnprintf+0x1bfd/0x1cd0
[ 1340.692750][T24968]  ? __kasan_check_read+0x11/0x20
[ 1340.697769][T24968]  ? blk_alloc_devt+0xd4/0x320
[ 1340.702531][T24968]  __device_add_disk+0x5cb/0x11d0
[ 1340.707552][T24968]  ? device_add_disk+0x40/0x40
[ 1340.712308][T24968]  ? loop_add+0x380/0x760
[ 1340.716631][T24968]  ? vsprintf+0x40/0x40
[ 1340.720784][T24968]  device_add_disk+0x2a/0x40
[ 1340.725369][T24968]  loop_add+0x58f/0x760
[ 1340.729521][T24968]  loop_control_ioctl+0x564/0x740
[ 1340.734539][T24968]  ? loop_remove+0xb0/0xb0
[ 1340.738953][T24968]  ? __fget_files+0x310/0x370
[ 1340.743632][T24968]  ? security_file_ioctl+0xb1/0xd0
[ 1340.748737][T24968]  ? loop_remove+0xb0/0xb0
[ 1340.753152][T24968]  __se_sys_ioctl+0x115/0x190
[ 1340.757839][T24968]  __x64_sys_ioctl+0x7b/0x90
[ 1340.762596][T24968]  do_syscall_64+0x34/0x70
[ 1340.767007][T24968]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1340.772927][T24968] RIP: 0033:0x7f77b238e0d9
[ 1340.777335][T24968] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1340.796918][T24968] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1340.805310][T24968] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1340.813261][T24968] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
14:33:10 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) (async, rerun: 64)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80) (rerun: 64)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async, rerun: 64)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80) (rerun: 64)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004) (async, rerun: 64)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (rerun: 64)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x80, r7, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)={0xa0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xece715fc6058dc21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xa0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
setsockopt$MRT_DEL_VIF(r2, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x8, 0x2, 0x8, @vifc_lcl_ifindex=r5, @local}, 0x10) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 32)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x7b) (rerun: 32)

14:33:10 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040))
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x4, 0x3, 0x3, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040)) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0x0, 0x4, 0x3, 0x3, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10) (async)

[ 1340.821210][T24968] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1340.829158][T24968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1340.837192][T24968] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:10 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0xa, 0xa, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f0000000240), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000280)}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r1=>0x0})
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x94, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="c0000008da5b9a20cacd5270faf8ff1dc3b5401e7c34ee43e77e3985de84b041f088843a990865ad56161af42679ee97c879cb9562f9bdf35a9c91cf726b53cf0d2b286902a0e94483b69bb5709c4102803850f1950b90b1a583094445feda0bd54a2062196e4786271f432063b4698909a5eeec3b91f79569ccbfe4e61ce147d3c30c611f257af6e92ae81093d5013844dd553a707d9c01dbff8ac02b3259cc1200cd3ca0c096b13772bd7762f41343c848ead127efb0b4780c084a6627fee3ddbbd15b7e6bb4822acee5f4716bc20e692e1dde5d898712057cec4e6e0d7ce1efb7f99b999c46655407dcd203cf0a3dc5eda44719724e272de61432370d9d2400a5c4c157ec4e07ab58199e0200000000000000db961d7502d238f3a66ce0cff4cb928b2bb69cba0c4e5f95c5f7fad8c66c6e69087115426716", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fe8800000000000000000000000001011400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r6, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000440)={'syztnl2\x00', <r7=>0x0, 0x700, 0x7, 0x205, 0x3, {{0x6, 0x4, 0x3, 0x8, 0x18, 0x64, 0x0, 0xc4, 0x2f, 0x0, @empty, @broadcast, {[@ra={0x94, 0x4}]}}}}})
r8 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r8, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r9, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r10}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r11, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r11, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r13=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r12, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x4}}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r13}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000004c0)={0x230, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x20040010}, 0x24000043)

14:33:10 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0xa, 0xa, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f0000000240), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000280)}}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r1=>0x0}) (async)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r2, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x94, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="c0000008da5b9a20cacd5270faf8ff1dc3b5401e7c34ee43e77e3985de84b041f088843a990865ad56161af42679ee97c879cb9562f9bdf35a9c91cf726b53cf0d2b286902a0e94483b69bb5709c4102803850f1950b90b1a583094445feda0bd54a2062196e4786271f432063b4698909a5eeec3b91f79569ccbfe4e61ce147d3c30c611f257af6e92ae81093d5013844dd553a707d9c01dbff8ac02b3259cc1200cd3ca0c096b13772bd7762f41343c848ead127efb0b4780c084a6627fee3ddbbd15b7e6bb4822acee5f4716bc20e692e1dde5d898712057cec4e6e0d7ce1efb7f99b999c46655407dcd203cf0a3dc5eda44719724e272de61432370d9d2400a5c4c157ec4e07ab58199e0200000000000000db961d7502d238f3a66ce0cff4cb928b2bb69cba0c4e5f95c5f7fad8c66c6e69087115426716", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fe8800000000000000000000000001011400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r6, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000440)={'syztnl2\x00', <r7=>0x0, 0x700, 0x7, 0x205, 0x3, {{0x6, 0x4, 0x3, 0x8, 0x18, 0x64, 0x0, 0xc4, 0x2f, 0x0, @empty, @broadcast, {[@ra={0x94, 0x4}]}}}}}) (async)
r8 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r8, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r9, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r10}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r11, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r11, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r13=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r12, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x4}}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r13}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000004c0)={0x230, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x20040010}, 0x24000043)

[ 1340.914659][   T23] audit: type=1326 audit(1669991590.359:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24986 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1340.960583][   T23] audit: type=1326 audit(1669991590.399:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24989 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1340.985221][   T23] audit: type=1326 audit(1669991590.409:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24989 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f57d0c7cf8b code=0x0
[ 1340.988304][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1341.018750][   T23] audit: type=1326 audit(1669991590.469:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25001 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1341.044144][   T23] audit: type=1326 audit(1669991590.469:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25001 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f0223a65bf6 code=0x0
[ 1341.067852][   T23] audit: type=1326 audit(1669991590.469:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25001 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f0223a65bf6 code=0x0
[ 1341.091544][   T23] audit: type=1326 audit(1669991590.519:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25001 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:13 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x0, &(0x7f0000000080)})

14:33:13 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x600000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:13 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0xa, 0xa, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), &(0x7f0000000240), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000280)}}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r1=>0x0}) (async, rerun: 32)
r2 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (rerun: 32)
ioctl$RTC_UIE_OFF(r2, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x94, r3, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async, rerun: 64)
r5 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (rerun: 64)
ioctl$RTC_UIE_OFF(r5, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="c0000008da5b9a20cacd5270faf8ff1dc3b5401e7c34ee43e77e3985de84b041f088843a990865ad56161af42679ee97c879cb9562f9bdf35a9c91cf726b53cf0d2b286902a0e94483b69bb5709c4102803850f1950b90b1a583094445feda0bd54a2062196e4786271f432063b4698909a5eeec3b91f79569ccbfe4e61ce147d3c30c611f257af6e92ae81093d5013844dd553a707d9c01dbff8ac02b3259cc1200cd3ca0c096b13772bd7762f41343c848ead127efb0b4780c084a6627fee3ddbbd15b7e6bb4822acee5f4716bc20e692e1dde5d898712057cec4e6e0d7ce1efb7f99b999c46655407dcd203cf0a3dc5eda44719724e272de61432370d9d2400a5c4c157ec4e07ab58199e0200000000000000db961d7502d238f3a66ce0cff4cb928b2bb69cba0c4e5f95c5f7fad8c66c6e69087115426716", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fbdbdf2505000000080003000800000030000180060001000a000000080006000000000014000400ff02000000000000000000000000000106000500000000001400018008000700", @ANYRES32=0x0, @ANYBLOB="060005000000000008000200000000001800018014000400fe8800000000000000000000000001011400018006000100020000000800030000000000080003000300000008000300020000001c000180080006000700000008000700", @ANYRES32=r6, @ANYBLOB="060001000a000000"], 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000440)={'syztnl2\x00', <r7=>0x0, 0x700, 0x7, 0x205, 0x3, {{0x6, 0x4, 0x3, 0x8, 0x18, 0x64, 0x0, 0xc4, 0x2f, 0x0, @empty, @broadcast, {[@ra={0x94, 0x4}]}}}}}) (async)
r8 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r8, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r9, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r10}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
r11 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r11, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r11, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r13=>0x0}) (rerun: 64)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r12, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x4}}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r13}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000004c0)={0x230, 0x0, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x20040010}, 0x24000043)

14:33:13 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 57)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:13 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r3 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r3, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0}) (async)
r6 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r6, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0x80, r7, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)={0xa0, r4, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xece715fc6058dc21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xa0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
setsockopt$MRT_DEL_VIF(r2, 0x0, 0xcb, &(0x7f0000000180)={0x1, 0x8, 0x2, 0x8, @vifc_lcl_ifindex=r5, @local}, 0x10) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x7b)

14:33:13 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000008}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xc8, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}]}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xc8}, 0x1, 0x0, 0x0, 0x40084}, 0x4000001)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x0, 0xe3, 0x3, 0x10001}, {0x3f, 0xcb, 0xee, 0x8001}, {0xdc, 0x0, 0xdf, 0x10001}]})
r5 = syz_open_dev$vcsu(&(0x7f0000000040), 0x81, 0x680880)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r5, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x3b8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4004011)

14:33:13 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x700000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:13 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000008}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xc8, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}]}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xc8}, 0x1, 0x0, 0x0, 0x40084}, 0x4000001)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x0, 0xe3, 0x3, 0x10001}, {0x3f, 0xcb, 0xee, 0x8001}, {0xdc, 0x0, 0xdf, 0x10001}]}) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000040), 0x81, 0x680880)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r5, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x3b8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4004011)

14:33:13 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="003c26bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
read$watch_queue(r0, &(0x7f0000000000)=""/56, 0x38)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1343.954303][T25008] FAULT_INJECTION: forcing a failure.
[ 1343.954303][T25008] name failslab, interval 1, probability 0, space 0, times 0
[ 1343.975092][T25008] CPU: 1 PID: 25008 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1343.986943][T25008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1343.996998][T25008] Call Trace:
14:33:13 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="003c26bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
read$watch_queue(r0, &(0x7f0000000000)=""/56, 0x38)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="003c26bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
read$watch_queue(r0, &(0x7f0000000000)=""/56, 0x38) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

14:33:13 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="003c26bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
read$watch_queue(r0, &(0x7f0000000000)=""/56, 0x38)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="003c26bd7000000000000a0000000800040000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
read$watch_queue(r0, &(0x7f0000000000)=""/56, 0x38) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

[ 1344.000294][T25008]  dump_stack_lvl+0x1e2/0x24b
[ 1344.004978][T25008]  ? panic+0x7d7/0x7d7
[ 1344.009068][T25008]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1344.014522][T25008]  dump_stack+0x15/0x17
[ 1344.018667][T25008]  should_fail+0x3c0/0x510
[ 1344.023089][T25008]  ? kobject_get_path+0xb8/0x1a0
[ 1344.028023][T25008]  __should_failslab+0x9f/0xe0
[ 1344.032786][T25008]  should_failslab+0x9/0x20
[ 1344.037297][T25008]  __kmalloc+0x60/0x360
[ 1344.041448][T25008]  kobject_get_path+0xb8/0x1a0
[ 1344.046233][T25008]  kobject_uevent_env+0x282/0x730
[ 1344.051255][T25008]  ? __kasan_check_write+0x14/0x20
[ 1344.056365][T25008]  kobject_uevent+0x1f/0x30
[ 1344.060869][T25008]  device_add+0x79c/0xbd0
[ 1344.065194][T25008]  device_create+0x258/0x2e0
[ 1344.069790][T25008]  ? root_device_unregister+0x80/0x80
[ 1344.075158][T25008]  ? number+0xd9b/0x1040
[ 1344.079399][T25008]  bdi_register_va+0x94/0x600
[ 1344.084072][T25008]  bdi_register+0xd1/0x120
[ 1344.088487][T25008]  ? __device_add_disk+0x536/0x11d0
[ 1344.093683][T25008]  ? bdi_register_va+0x600/0x600
[ 1344.098618][T25008]  ? vsnprintf+0x1bfd/0x1cd0
[ 1344.103206][T25008]  ? __kasan_check_read+0x11/0x20
[ 1344.108231][T25008]  ? blk_alloc_devt+0xd4/0x320
[ 1344.112993][T25008]  __device_add_disk+0x5cb/0x11d0
[ 1344.118021][T25008]  ? device_add_disk+0x40/0x40
[ 1344.122783][T25008]  ? loop_add+0x380/0x760
[ 1344.127109][T25008]  ? vsprintf+0x40/0x40
[ 1344.131260][T25008]  device_add_disk+0x2a/0x40
[ 1344.135845][T25008]  loop_add+0x58f/0x760
[ 1344.139996][T25008]  loop_control_ioctl+0x564/0x740
[ 1344.145016][T25008]  ? loop_remove+0xb0/0xb0
[ 1344.149431][T25008]  ? __fget_files+0x310/0x370
14:33:13 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48)

[ 1344.154104][T25008]  ? security_file_ioctl+0xb1/0xd0
[ 1344.159306][T25008]  ? loop_remove+0xb0/0xb0
[ 1344.163719][T25008]  __se_sys_ioctl+0x115/0x190
[ 1344.168401][T25008]  __x64_sys_ioctl+0x7b/0x90
[ 1344.172987][T25008]  do_syscall_64+0x34/0x70
[ 1344.177407][T25008]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1344.183292][T25008] RIP: 0033:0x7f77b238e0d9
[ 1344.187711][T25008] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1344.207320][T25008] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1344.215742][T25008] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1344.223714][T25008] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1344.231695][T25008] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1344.239665][T25008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1344.247643][T25008] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:13 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x0, &(0x7f0000000080)})

14:33:13 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48)

14:33:13 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x800000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:13 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 58)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:13 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})
socket(0x27, 0x4, 0x7)

14:33:13 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x5, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x1, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48) (async)

14:33:13 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000008}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xc8, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x54, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}]}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0xc8}, 0x1, 0x0, 0x0, 0x40084}, 0x4000001)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x0, 0xe3, 0x3, 0x10001}, {0x3f, 0xcb, 0xee, 0x8001}, {0xdc, 0x0, 0xdf, 0x10001}]}) (async)
r5 = syz_open_dev$vcsu(&(0x7f0000000040), 0x81, 0x680880) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0}) (rerun: 32)
sendmsg$NL80211_CMD_UPDATE_FT_IES(r5, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x3b8}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4004011)

[ 1344.296637][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1344.331617][T25057] FAULT_INJECTION: forcing a failure.
[ 1344.331617][T25057] name failslab, interval 1, probability 0, space 0, times 0
14:33:13 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x900000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:13 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x0, &(0x7f0000000080)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x0, &(0x7f0000000080)}) (async)

[ 1344.345147][T25057] CPU: 1 PID: 25057 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1344.356873][T25057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1344.366930][T25057] Call Trace:
[ 1344.370219][T25057]  dump_stack_lvl+0x1e2/0x24b
[ 1344.374905][T25057]  ? panic+0x7d7/0x7d7
[ 1344.378966][T25057]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1344.384423][T25057]  dump_stack+0x15/0x17
[ 1344.388575][T25057]  should_fail+0x3c0/0x510
[ 1344.392985][T25057]  ? kobject_get_path+0xb8/0x1a0
[ 1344.397911][T25057]  __should_failslab+0x9f/0xe0
[ 1344.402652][T25057]  should_failslab+0x9/0x20
[ 1344.407135][T25057]  __kmalloc+0x60/0x360
[ 1344.411263][T25057]  kobject_get_path+0xb8/0x1a0
[ 1344.415998][T25057]  kobject_uevent_env+0x282/0x730
[ 1344.421001][T25057]  ? __kasan_check_write+0x14/0x20
[ 1344.426088][T25057]  kobject_uevent+0x1f/0x30
[ 1344.430564][T25057]  device_add+0x79c/0xbd0
[ 1344.434869][T25057]  device_create+0x258/0x2e0
[ 1344.439440][T25057]  ? root_device_unregister+0x80/0x80
[ 1344.444791][T25057]  ? number+0xd9b/0x1040
[ 1344.449012][T25057]  bdi_register_va+0x94/0x600
[ 1344.453659][T25057]  bdi_register+0xd1/0x120
[ 1344.458052][T25057]  ? __device_add_disk+0x536/0x11d0
[ 1344.463222][T25057]  ? bdi_register_va+0x600/0x600
[ 1344.468131][T25057]  ? vsnprintf+0x1bfd/0x1cd0
[ 1344.472695][T25057]  ? __kasan_check_read+0x11/0x20
[ 1344.477690][T25057]  ? blk_alloc_devt+0xd4/0x320
[ 1344.482422][T25057]  __device_add_disk+0x5cb/0x11d0
[ 1344.487442][T25057]  ? device_add_disk+0x40/0x40
[ 1344.492177][T25057]  ? loop_add+0x380/0x760
[ 1344.496477][T25057]  ? vsprintf+0x40/0x40
[ 1344.500602][T25057]  device_add_disk+0x2a/0x40
[ 1344.505249][T25057]  loop_add+0x58f/0x760
[ 1344.509389][T25057]  loop_control_ioctl+0x564/0x740
[ 1344.514389][T25057]  ? loop_remove+0xb0/0xb0
[ 1344.518787][T25057]  ? __fget_files+0x310/0x370
[ 1344.523441][T25057]  ? security_file_ioctl+0xb1/0xd0
[ 1344.528528][T25057]  ? loop_remove+0xb0/0xb0
[ 1344.533009][T25057]  __se_sys_ioctl+0x115/0x190
[ 1344.537663][T25057]  __x64_sys_ioctl+0x7b/0x90
[ 1344.542232][T25057]  do_syscall_64+0x34/0x70
[ 1344.546623][T25057]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1344.552486][T25057] RIP: 0033:0x7f77b238e0d9
[ 1344.556875][T25057] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1344.576454][T25057] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1344.584839][T25057] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:33:14 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x0, 0x26, 0x4, 0x13, 0x0, 0x45ff752d, 0x1, 0x4, 0xffffffffffffffff})
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_WIE_ON(r0, 0x700f)

14:33:14 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x9, 0x8, 0x3a89, 0x4, 0x7}, 0x14)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:14 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x9, 0x8, 0x3a89, 0x4, 0x7}, 0x14)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x9, 0x8, 0x3a89, 0x4, 0x7}, 0x14) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

14:33:14 executing program 5:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x22400, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r1=>0x0})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000140)={r1, 0x2, r2, 0x8d})

14:33:14 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0) (async)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x9, 0x8, 0x3a89, 0x4, 0x7}, 0x14)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:14 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r0, 0x707b, 0x9})

[ 1344.592785][T25057] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1344.600732][T25057] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1344.608675][T25057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1344.616622][T25057] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:14 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 59)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1344.714764][T24804] udevd[24804]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1344.732529][T25089] FAULT_INJECTION: forcing a failure.
[ 1344.732529][T25089] name failslab, interval 1, probability 0, space 0, times 0
[ 1344.745237][T25089] CPU: 1 PID: 25089 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1344.756947][T25089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1344.766982][T25089] Call Trace:
[ 1344.770277][T25089]  dump_stack_lvl+0x1e2/0x24b
[ 1344.774930][T25089]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1344.780379][T25089]  ? vsnprintf+0x1bfd/0x1cd0
[ 1344.784972][T25089]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1344.791046][T25089]  dump_stack+0x15/0x17
[ 1344.795198][T25089]  should_fail+0x3c0/0x510
[ 1344.799612][T25089]  __should_failslab+0x9f/0xe0
[ 1344.804369][T25089]  should_failslab+0x9/0x20
[ 1344.808866][T25089]  kmem_cache_alloc+0x3f/0x300
[ 1344.813623][T25089]  ? __alloc_skb+0x7e/0x580
[ 1344.818119][T25089]  ? add_uevent_var+0x269/0x440
[ 1344.822965][T25089]  __alloc_skb+0x7e/0x580
[ 1344.827336][T25089]  alloc_uevent_skb+0x7f/0x230
[ 1344.832112][T25089]  kobject_uevent_net_broadcast+0x321/0x5a0
[ 1344.838016][T25089]  kobject_uevent_env+0x540/0x730
[ 1344.843035][T25089]  kobject_uevent+0x1f/0x30
[ 1344.847534][T25089]  device_add+0x79c/0xbd0
[ 1344.851860][T25089]  device_create+0x258/0x2e0
[ 1344.856444][T25089]  ? root_device_unregister+0x80/0x80
[ 1344.861815][T25089]  ? number+0xd9b/0x1040
[ 1344.866051][T25089]  bdi_register_va+0x94/0x600
[ 1344.870727][T25089]  bdi_register+0xd1/0x120
[ 1344.875149][T25089]  ? __device_add_disk+0x536/0x11d0
[ 1344.880336][T25089]  ? bdi_register_va+0x600/0x600
[ 1344.885270][T25089]  ? vsnprintf+0x1bfd/0x1cd0
[ 1344.889858][T25089]  ? __kasan_check_read+0x11/0x20
[ 1344.894876][T25089]  ? blk_alloc_devt+0xd4/0x320
[ 1344.899634][T25089]  __device_add_disk+0x5cb/0x11d0
[ 1344.904657][T25089]  ? device_add_disk+0x40/0x40
[ 1344.909420][T25089]  ? loop_add+0x380/0x760
[ 1344.913747][T25089]  ? vsprintf+0x40/0x40
[ 1344.917901][T25089]  device_add_disk+0x2a/0x40
[ 1344.922499][T25089]  loop_add+0x58f/0x760
[ 1344.926657][T25089]  loop_control_ioctl+0x564/0x740
[ 1344.931674][T25089]  ? loop_remove+0xb0/0xb0
[ 1344.936089][T25089]  ? __fget_files+0x310/0x370
[ 1344.940850][T25089]  ? security_file_ioctl+0xb1/0xd0
[ 1344.945956][T25089]  ? loop_remove+0xb0/0xb0
[ 1344.950368][T25089]  __se_sys_ioctl+0x115/0x190
[ 1344.955039][T25089]  __x64_sys_ioctl+0x7b/0x90
[ 1344.959624][T25089]  do_syscall_64+0x34/0x70
[ 1344.964297][T25089]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1344.970179][T25089] RIP: 0033:0x7f77b238e0d9
[ 1344.974591][T25089] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1344.994202][T25089] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1345.002620][T25089] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1345.010600][T25089] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1345.018661][T25089] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1345.026631][T25089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1345.034607][T25089] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:14 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})
socket(0x27, 0x4, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
socket(0x27, 0x4, 0x7) (async)

14:33:14 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async, rerun: 32)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async, rerun: 32)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r0, 0x707b, 0x9})

14:33:14 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xa00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:14 executing program 5:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x22400, 0x0) (async, rerun: 32)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r1=>0x0}) (rerun: 32)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000140)={r1, 0x2, r2, 0x8d})

14:33:14 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 60)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1345.313700][   T23] kauditd_printk_skb: 7 callbacks suppressed
[ 1345.313711][   T23] audit: type=1326 audit(1669991594.759:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25095 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1345.350698][T25101] FAULT_INJECTION: forcing a failure.
[ 1345.350698][T25101] name failslab, interval 1, probability 0, space 0, times 0
[ 1345.363651][T25101] CPU: 0 PID: 25101 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1345.375538][T25101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1345.385594][T25101] Call Trace:
[ 1345.388884][T25101]  dump_stack_lvl+0x1e2/0x24b
[ 1345.393559][T25101]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1345.399013][T25101]  ? do_syscall_64+0x34/0x70
[ 1345.403599][T25101]  dump_stack+0x15/0x17
[ 1345.407750][T25101]  should_fail+0x3c0/0x510
[ 1345.412161][T25101]  __should_failslab+0x9f/0xe0
[ 1345.416921][T25101]  should_failslab+0x9/0x20
[ 1345.421426][T25101]  kmem_cache_alloc+0x3f/0x300
[ 1345.426187][T25101]  ? skb_ext_add+0x13d/0x7e0
[ 1345.430781][T25101]  skb_ext_add+0x13d/0x7e0
[ 1345.435192][T25101]  ? kasan_unpoison+0x61/0x80
[ 1345.439863][T25101]  __alloc_skb+0x3c7/0x580
[ 1345.444272][T25101]  alloc_uevent_skb+0x7f/0x230
[ 1345.449041][T25101]  kobject_uevent_net_broadcast+0x321/0x5a0
[ 1345.454932][T25101]  kobject_uevent_env+0x540/0x730
[ 1345.459965][T25101]  kobject_uevent+0x1f/0x30
[ 1345.464605][T25101]  device_add+0x79c/0xbd0
[ 1345.468931][T25101]  device_create+0x258/0x2e0
[ 1345.473524][T25101]  ? root_device_unregister+0x80/0x80
[ 1345.478898][T25101]  ? number+0xd9b/0x1040
[ 1345.483141][T25101]  bdi_register_va+0x94/0x600
[ 1345.487812][T25101]  bdi_register+0xd1/0x120
[ 1345.492331][T25101]  ? __device_add_disk+0x536/0x11d0
[ 1345.497559][T25101]  ? bdi_register_va+0x600/0x600
[ 1345.502499][T25101]  ? vsnprintf+0x1bfd/0x1cd0
[ 1345.507088][T25101]  ? __kasan_check_read+0x11/0x20
[ 1345.512136][T25101]  ? blk_alloc_devt+0xd4/0x320
[ 1345.516921][T25101]  __device_add_disk+0x5cb/0x11d0
[ 1345.521946][T25101]  ? device_add_disk+0x40/0x40
[ 1345.526742][T25101]  ? loop_add+0x380/0x760
[ 1345.531074][T25101]  ? vsprintf+0x40/0x40
[ 1345.535229][T25101]  device_add_disk+0x2a/0x40
[ 1345.539816][T25101]  loop_add+0x58f/0x760
[ 1345.543973][T25101]  loop_control_ioctl+0x564/0x740
[ 1345.548993][T25101]  ? loop_remove+0xb0/0xb0
[ 1345.553408][T25101]  ? __fget_files+0x310/0x370
[ 1345.558090][T25101]  ? security_file_ioctl+0xb1/0xd0
[ 1345.563197][T25101]  ? loop_remove+0xb0/0xb0
[ 1345.567611][T25101]  __se_sys_ioctl+0x115/0x190
[ 1345.572289][T25101]  __x64_sys_ioctl+0x7b/0x90
[ 1345.576878][T25101]  do_syscall_64+0x34/0x70
[ 1345.581295][T25101]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1345.587190][T25101] RIP: 0033:0x7f77b238e0d9
[ 1345.591624][T25101] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1345.611228][T25101] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1345.619648][T25101] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1345.627713][T25101] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1345.635686][T25101] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1345.643651][T25101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1345.651620][T25101] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:15 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) (async)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x0, 0x26, 0x4, 0x13, 0x0, 0x45ff752d, 0x1, 0x4, 0xffffffffffffffff}) (async)
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004) (async)
ioctl$RTC_WIE_ON(r0, 0x700f)

14:33:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:15 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r0, 0x707b, 0x9})
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={r0, 0x707b, 0x9}) (async)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xfffffffb, 0x7, 0xe0000000, 0x10, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0xc}, 0x48)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xfffffffb, 0x7, 0xe0000000, 0x10, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0xc}, 0x48)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0xfffffffb, 0x7, 0xe0000000, 0x10, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0xc}, 0x48)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)

[ 1345.659789][   T23] audit: type=1326 audit(1669991594.819:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25095 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1345.704778][   T23] audit: type=1326 audit(1669991595.139:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25120 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1345.736986][   T23] audit: type=1326 audit(1669991595.139:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25121 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1345.767772][   T23] audit: type=1326 audit(1669991595.209:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25121 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:15 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]})
socket(0x27, 0x4, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
socket(0x27, 0x4, 0x7) (async)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) (async)

14:33:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:15 executing program 5:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x22400, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)={<r1=>0x0})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000140)={r1, 0x2, r2, 0x8d})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x22400, 0x0) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000140)={r1, 0x2, r2, 0x8d}) (async)

14:33:15 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 61)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1345.968324][   T23] audit: type=1326 audit(1669991595.419:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1345.994807][T25134] FAULT_INJECTION: forcing a failure.
[ 1345.994807][T25134] name failslab, interval 1, probability 0, space 0, times 0
[ 1346.008009][T25134] CPU: 0 PID: 25134 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1346.019722][T25134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1346.029773][T25134] Call Trace:
[ 1346.033057][T25134]  dump_stack_lvl+0x1e2/0x24b
[ 1346.037815][T25134]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1346.043263][T25134]  dump_stack+0x15/0x17
[ 1346.047401][T25134]  should_fail+0x3c0/0x510
[ 1346.051880][T25134]  __should_failslab+0x9f/0xe0
[ 1346.056618][T25134]  should_failslab+0x9/0x20
[ 1346.061095][T25134]  kmem_cache_alloc+0x3f/0x300
[ 1346.065831][T25134]  ? skb_clone+0x1d6/0x3b0
[ 1346.070218][T25134]  skb_clone+0x1d6/0x3b0
[ 1346.074435][T25134]  netlink_broadcast_filtered+0x654/0x1200
[ 1346.080213][T25134]  netlink_broadcast+0x3a/0x50
[ 1346.084980][T25134]  kobject_uevent_net_broadcast+0x3b1/0x5a0
[ 1346.090847][T25134]  kobject_uevent_env+0x540/0x730
[ 1346.095856][T25134]  kobject_uevent+0x1f/0x30
[ 1346.100433][T25134]  device_add+0x79c/0xbd0
[ 1346.104737][T25134]  device_create+0x258/0x2e0
[ 1346.109302][T25134]  ? root_device_unregister+0x80/0x80
[ 1346.114646][T25134]  ? number+0xd9b/0x1040
[ 1346.118870][T25134]  bdi_register_va+0x94/0x600
[ 1346.123526][T25134]  bdi_register+0xd1/0x120
[ 1346.127922][T25134]  ? __device_add_disk+0x536/0x11d0
[ 1346.133092][T25134]  ? bdi_register_va+0x600/0x600
[ 1346.138005][T25134]  ? vsnprintf+0x1bfd/0x1cd0
[ 1346.142572][T25134]  ? __kasan_check_read+0x11/0x20
[ 1346.147568][T25134]  ? blk_alloc_devt+0xd4/0x320
[ 1346.152309][T25134]  __device_add_disk+0x5cb/0x11d0
[ 1346.157409][T25134]  ? device_add_disk+0x40/0x40
[ 1346.162144][T25134]  ? loop_add+0x380/0x760
[ 1346.166475][T25134]  ? vsprintf+0x40/0x40
[ 1346.170702][T25134]  device_add_disk+0x2a/0x40
[ 1346.175264][T25134]  loop_add+0x58f/0x760
[ 1346.179394][T25134]  loop_control_ioctl+0x564/0x740
[ 1346.184417][T25134]  ? loop_remove+0xb0/0xb0
[ 1346.188812][T25134]  ? __fget_files+0x310/0x370
[ 1346.193476][T25134]  ? security_file_ioctl+0xb1/0xd0
[ 1346.198568][T25134]  ? loop_remove+0xb0/0xb0
[ 1346.202957][T25134]  __se_sys_ioctl+0x115/0x190
[ 1346.207610][T25134]  __x64_sys_ioctl+0x7b/0x90
[ 1346.212170][T25134]  do_syscall_64+0x34/0x70
[ 1346.216561][T25134]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1346.222431][T25134] RIP: 0033:0x7f77b238e0d9
[ 1346.226821][T25134] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1346.246402][T25134] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1346.254791][T25134] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1346.262741][T25134] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1346.270792][T25134] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1346.278742][T25134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1346.286689][T25134] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1346.295612][   T23] audit: type=1326 audit(1669991595.749:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25129 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1346.330466][   T23] audit: type=1326 audit(1669991595.779:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25137 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1346.378594][   T23] audit: type=1326 audit(1669991595.829:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25137 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:15 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x0, 0x26, 0x4, 0x13, 0x0, 0x45ff752d, 0x1, 0x4, 0xffffffffffffffff})
r0 = syz_open_dev$rtc(&(0x7f0000000600), 0x0, 0x0)
ioctl$RTC_UIE_OFF(r0, 0x7004)
ioctl$RTC_WIE_ON(r0, 0x700f)

14:33:15 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)

14:33:15 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xd00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:15 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 62)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:16 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xfe, 0x0, @vifc_lcl_addr=@multicast2, @rand_addr=0x64010102}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x1)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000080)={@rand_addr=0x64010102, @loopback, 0x0, "3225e2ba99fc88663cef83db3febc5eb2c0f4d9667cf75f29544b304b98d7901", 0x101, 0x0, 0x4, 0xee4b}, 0x3c)

14:33:16 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xfe, 0x0, @vifc_lcl_addr=@multicast2, @rand_addr=0x64010102}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x1)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000080)={@rand_addr=0x64010102, @loopback, 0x0, "3225e2ba99fc88663cef83db3febc5eb2c0f4d9667cf75f29544b304b98d7901", 0x101, 0x0, 0x4, 0xee4b}, 0x3c)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
socket$igmp(0x2, 0x3, 0x2) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xfe, 0x0, @vifc_lcl_addr=@multicast2, @rand_addr=0x64010102}, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x1) (async)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000080)={@rand_addr=0x64010102, @loopback, 0x0, "3225e2ba99fc88663cef83db3febc5eb2c0f4d9667cf75f29544b304b98d7901", 0x101, 0x0, 0x4, 0xee4b}, 0x3c) (async)

14:33:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xe00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1346.546520][   T23] audit: type=1326 audit(1669991595.999:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25142 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1346.657260][T25159] FAULT_INJECTION: forcing a failure.
[ 1346.657260][T25159] name failslab, interval 1, probability 0, space 0, times 0
[ 1346.684090][T25159] CPU: 0 PID: 25159 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1346.695832][T25159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1346.705887][T25159] Call Trace:
[ 1346.709178][T25159]  dump_stack_lvl+0x1e2/0x24b
[ 1346.713858][T25159]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1346.719313][T25159]  ? kmem_cache_free+0xa9/0x1f0
[ 1346.724162][T25159]  dump_stack+0x15/0x17
[ 1346.728316][T25159]  should_fail+0x3c0/0x510
[ 1346.732737][T25159]  __should_failslab+0x9f/0xe0
[ 1346.737758][T25159]  should_failslab+0x9/0x20
[ 1346.742254][T25159]  kmem_cache_alloc+0x3f/0x300
[ 1346.747016][T25159]  ? __d_alloc+0x2d/0x6b0
[ 1346.751377][T25159]  __d_alloc+0x2d/0x6b0
[ 1346.755524][T25159]  ? avc_has_perm_noaudit+0x358/0x4c0
[ 1346.760887][T25159]  d_alloc_parallel+0xe6/0x1330
[ 1346.765732][T25159]  ? avc_has_perm_noaudit+0x2ed/0x4c0
[ 1346.771099][T25159]  ? avc_denied+0x1b0/0x1b0
[ 1346.775595][T25159]  ? kfree+0xc3/0x290
[ 1346.779578][T25159]  ? d_hash_and_lookup+0x200/0x200
[ 1346.784707][T25159]  ? selinux_inode_permission+0x439/0x670
[ 1346.790422][T25159]  ? selinux_inode_follow_link+0x3c0/0x3c0
[ 1346.796224][T25159]  ? kobject_uevent_env+0x348/0x730
[ 1346.801418][T25159]  __lookup_slow+0x14e/0x400
[ 1346.806092][T25159]  ? __d_lookup+0x4da/0x530
[ 1346.810591][T25159]  ? lookup_one_len+0x6a0/0x6a0
[ 1346.815439][T25159]  lookup_one_len+0x43d/0x6a0
[ 1346.820111][T25159]  ? try_lookup_one_len+0x660/0x660
[ 1346.825314][T25159]  ? device_create+0x2bc/0x2e0
[ 1346.830078][T25159]  ? mntput+0x63/0xc0
[ 1346.834062][T25159]  start_creating+0x166/0x320
[ 1346.838744][T25159]  debugfs_create_dir+0x27/0x450
[ 1346.843681][T25159]  bdi_register_va+0x260/0x600
[ 1346.848439][T25159]  bdi_register+0xd1/0x120
[ 1346.852849][T25159]  ? __device_add_disk+0x536/0x11d0
[ 1346.858038][T25159]  ? bdi_register_va+0x600/0x600
[ 1346.862981][T25159]  ? vsnprintf+0x1bfd/0x1cd0
[ 1346.867568][T25159]  ? __kasan_check_read+0x11/0x20
[ 1346.872586][T25159]  ? blk_alloc_devt+0xd4/0x320
[ 1346.877343][T25159]  __device_add_disk+0x5cb/0x11d0
[ 1346.882364][T25159]  ? device_add_disk+0x40/0x40
[ 1346.887123][T25159]  ? loop_add+0x380/0x760
[ 1346.891449][T25159]  ? vsprintf+0x40/0x40
[ 1346.895606][T25159]  device_add_disk+0x2a/0x40
[ 1346.900205][T25159]  loop_add+0x58f/0x760
[ 1346.904361][T25159]  loop_control_ioctl+0x564/0x740
[ 1346.909380][T25159]  ? loop_remove+0xb0/0xb0
[ 1346.913793][T25159]  ? __fget_files+0x310/0x370
[ 1346.918469][T25159]  ? security_file_ioctl+0xb1/0xd0
[ 1346.923576][T25159]  ? loop_remove+0xb0/0xb0
[ 1346.927990][T25159]  __se_sys_ioctl+0x115/0x190
[ 1346.932668][T25159]  __x64_sys_ioctl+0x7b/0x90
[ 1346.937257][T25159]  do_syscall_64+0x34/0x70
[ 1346.941671][T25159]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1346.947556][T25159] RIP: 0033:0x7f77b238e0d9
[ 1346.951968][T25159] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1346.971662][T25159] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1346.980081][T25159] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1346.988062][T25159] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1346.996040][T25159] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1347.004014][T25159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1347.011991][T25159] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:16 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
eventfd2(0x5, 0xc0000)

14:33:16 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xfe, 0x0, @vifc_lcl_addr=@multicast2, @rand_addr=0x64010102}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
r2 = syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x1)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000080)={@rand_addr=0x64010102, @loopback, 0x0, "3225e2ba99fc88663cef83db3febc5eb2c0f4d9667cf75f29544b304b98d7901", 0x101, 0x0, 0x4, 0xee4b}, 0x3c)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
socket$igmp(0x2, 0x3, 0x2) (async)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000000)={0xffffffffffffffff, 0x1, 0xfe, 0x0, @vifc_lcl_addr=@multicast2, @rand_addr=0x64010102}, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x1) (async)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000080)={@rand_addr=0x64010102, @loopback, 0x0, "3225e2ba99fc88663cef83db3febc5eb2c0f4d9667cf75f29544b304b98d7901", 0x101, 0x0, 0x4, 0xee4b}, 0x3c) (async)

14:33:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0xf00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:16 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000040)})

14:33:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1000000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:16 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 63)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:16 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x81, 0x7, 0x7, 0x810, 0xffffffffffffffff, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x0, 0xe}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000240)="4e31071dd4993210697477658ce4ae4c93b7b99d970b1732811afc8313d254f6128022a39c3ac6e1ff441d42c8ff5ab56848b0bcd251b8154b022614e99c950e6d628a7e97b930cee4cb4b17c0934c7e076a873286bbc242319eb40a84f9acbcea15ad1771b9c0d34e80e5c861daa7d9aa2eb115575d558ef6557024cd32bd106f8a592c2ba8ec9741f9ce3980b8717e12a79fa2485bbd1ea350e0853d9f4521d84b09eeb29585ba", &(0x7f0000000180)=@buf="8db78166cae54a8214feac1ca2666a9ba9c91574cc451e68bdbc9f6a9d5c20157bc666cf44a6fca3b2e5cbc65bf79cc7", 0x2}, 0x20)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000080)={'gretap0\x00', <r1=>0x0, 0x20, 0x700, 0x81, 0x5, {{0x1d, 0x4, 0x2, 0x3d, 0x74, 0x64, 0x0, 0xfb, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @multicast2, {[@timestamp={0x44, 0x8, 0x54, 0x0, 0x8, [0x843f]}, @rr={0x7, 0x7, 0x46, [@rand_addr=0x64010102]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x49, 0x0, [{0x5, 0xc, "6b668eaeba3fd7a2626c"}, {0x2, 0x5, "d3f384"}, {0x1, 0x4, "069a"}, {0x0, 0x6, "92b43eb3"}, {0x7, 0xe, "acafc82567a36b9d5d7a4acd"}, {0x1, 0xa, "100e6eb1f0805b07"}, {0x2, 0x5, "7bc84b"}, {0x7, 0xb, "72244ee7dbe21c81f9"}]}, @ra={0x94, 0x4}]}}}}})
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x2, 0x0, 0x3, 0x300, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x48)

14:33:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:16 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000040)}) (async)

14:33:16 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1200000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:16 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x81, 0x7, 0x7, 0x810, 0xffffffffffffffff, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x0, 0xe}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000240)="4e31071dd4993210697477658ce4ae4c93b7b99d970b1732811afc8313d254f6128022a39c3ac6e1ff441d42c8ff5ab56848b0bcd251b8154b022614e99c950e6d628a7e97b930cee4cb4b17c0934c7e076a873286bbc242319eb40a84f9acbcea15ad1771b9c0d34e80e5c861daa7d9aa2eb115575d558ef6557024cd32bd106f8a592c2ba8ec9741f9ce3980b8717e12a79fa2485bbd1ea350e0853d9f4521d84b09eeb29585ba", &(0x7f0000000180)=@buf="8db78166cae54a8214feac1ca2666a9ba9c91574cc451e68bdbc9f6a9d5c20157bc666cf44a6fca3b2e5cbc65bf79cc7", 0x2}, 0x20)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000080)={'gretap0\x00', <r1=>0x0, 0x20, 0x700, 0x81, 0x5, {{0x1d, 0x4, 0x2, 0x3d, 0x74, 0x64, 0x0, 0xfb, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @multicast2, {[@timestamp={0x44, 0x8, 0x54, 0x0, 0x8, [0x843f]}, @rr={0x7, 0x7, 0x46, [@rand_addr=0x64010102]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x49, 0x0, [{0x5, 0xc, "6b668eaeba3fd7a2626c"}, {0x2, 0x5, "d3f384"}, {0x1, 0x4, "069a"}, {0x0, 0x6, "92b43eb3"}, {0x7, 0xe, "acafc82567a36b9d5d7a4acd"}, {0x1, 0xa, "100e6eb1f0805b07"}, {0x2, 0x5, "7bc84b"}, {0x7, 0xb, "72244ee7dbe21c81f9"}]}, @ra={0x94, 0x4}]}}}}})
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x2, 0x0, 0x3, 0x300, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x48)

14:33:16 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000000)={0x0, &(0x7f0000000040)}) (async)

[ 1347.391793][T25179] FAULT_INJECTION: forcing a failure.
[ 1347.391793][T25179] name failslab, interval 1, probability 0, space 0, times 0
[ 1347.443594][T25179] CPU: 0 PID: 25179 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1347.455330][T25179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1347.465470][T25179] Call Trace:
[ 1347.468760][T25179]  dump_stack_lvl+0x1e2/0x24b
[ 1347.473437][T25179]  ? panic+0x7d7/0x7d7
[ 1347.477503][T25179]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1347.482961][T25179]  ? __lookup_slow+0x2f7/0x400
[ 1347.487729][T25179]  ? lookup_one_len+0x6a0/0x6a0
[ 1347.492657][T25179]  dump_stack+0x15/0x17
[ 1347.496804][T25179]  should_fail+0x3c0/0x510
[ 1347.501212][T25179]  __should_failslab+0x9f/0xe0
[ 1347.505972][T25179]  should_failslab+0x9/0x20
[ 1347.510570][T25179]  kmem_cache_alloc+0x3f/0x300
[ 1347.515452][T25179]  ? new_inode_pseudo+0x7c/0x220
[ 1347.520386][T25179]  ? try_lookup_one_len+0x660/0x660
[ 1347.525671][T25179]  ? device_create+0x2bc/0x2e0
[ 1347.530430][T25179]  new_inode_pseudo+0x7c/0x220
[ 1347.535193][T25179]  new_inode+0x28/0x1c0
[ 1347.539350][T25179]  ? start_creating+0x206/0x320
[ 1347.544195][T25179]  debugfs_create_dir+0xf3/0x450
[ 1347.549124][T25179]  bdi_register_va+0x260/0x600
[ 1347.553879][T25179]  bdi_register+0xd1/0x120
[ 1347.558289][T25179]  ? __device_add_disk+0x536/0x11d0
[ 1347.563483][T25179]  ? bdi_register_va+0x600/0x600
[ 1347.568415][T25179]  ? vsnprintf+0x1bfd/0x1cd0
[ 1347.573002][T25179]  ? __kasan_check_read+0x11/0x20
[ 1347.578024][T25179]  ? blk_alloc_devt+0xd4/0x320
[ 1347.582778][T25179]  __device_add_disk+0x5cb/0x11d0
[ 1347.587794][T25179]  ? device_add_disk+0x40/0x40
[ 1347.592553][T25179]  ? loop_add+0x380/0x760
[ 1347.596880][T25179]  ? vsprintf+0x40/0x40
[ 1347.601037][T25179]  device_add_disk+0x2a/0x40
[ 1347.605622][T25179]  loop_add+0x58f/0x760
[ 1347.609770][T25179]  loop_control_ioctl+0x564/0x740
[ 1347.614790][T25179]  ? loop_remove+0xb0/0xb0
[ 1347.619205][T25179]  ? __fget_files+0x310/0x370
[ 1347.623879][T25179]  ? security_file_ioctl+0xb1/0xd0
[ 1347.628981][T25179]  ? loop_remove+0xb0/0xb0
[ 1347.633392][T25179]  __se_sys_ioctl+0x115/0x190
[ 1347.638065][T25179]  __x64_sys_ioctl+0x7b/0x90
[ 1347.642654][T25179]  do_syscall_64+0x34/0x70
[ 1347.647076][T25179]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1347.652961][T25179] RIP: 0033:0x7f77b238e0d9
[ 1347.657369][T25179] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1347.676972][T25179] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1347.685392][T25179] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1347.693364][T25179] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1347.701344][T25179] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1347.709504][T25179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1347.717654][T25179] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1347.741343][T25179] debugfs: out of free dentries, can not create directory '7:0'
14:33:17 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
eventfd2(0x5, 0xc0000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
eventfd2(0x5, 0xc0000) (async)

14:33:17 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x81, 0x7, 0x7, 0x810, 0xffffffffffffffff, 0x400, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x0, 0xe}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000240)="4e31071dd4993210697477658ce4ae4c93b7b99d970b1732811afc8313d254f6128022a39c3ac6e1ff441d42c8ff5ab56848b0bcd251b8154b022614e99c950e6d628a7e97b930cee4cb4b17c0934c7e076a873286bbc242319eb40a84f9acbcea15ad1771b9c0d34e80e5c861daa7d9aa2eb115575d558ef6557024cd32bd106f8a592c2ba8ec9741f9ce3980b8717e12a79fa2485bbd1ea350e0853d9f4521d84b09eeb29585ba", &(0x7f0000000180)=@buf="8db78166cae54a8214feac1ca2666a9ba9c91574cc451e68bdbc9f6a9d5c20157bc666cf44a6fca3b2e5cbc65bf79cc7", 0x2}, 0x20) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000080)={'gretap0\x00', <r1=>0x0, 0x20, 0x700, 0x81, 0x5, {{0x1d, 0x4, 0x2, 0x3d, 0x74, 0x64, 0x0, 0xfb, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @multicast2, {[@timestamp={0x44, 0x8, 0x54, 0x0, 0x8, [0x843f]}, @rr={0x7, 0x7, 0x46, [@rand_addr=0x64010102]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x49, 0x0, [{0x5, 0xc, "6b668eaeba3fd7a2626c"}, {0x2, 0x5, "d3f384"}, {0x1, 0x4, "069a"}, {0x0, 0x6, "92b43eb3"}, {0x7, 0xe, "acafc82567a36b9d5d7a4acd"}, {0x1, 0xa, "100e6eb1f0805b07"}, {0x2, 0x5, "7bc84b"}, {0x7, 0xb, "72244ee7dbe21c81f9"}]}, @ra={0x94, 0x4}]}}}}}) (rerun: 32)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0xa, 0x2, 0x0, 0x3, 0x300, r0, 0x3, '\x00', r1, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x48)

14:33:17 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1300000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:17 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r1, 0x800, 0xfffffffc, 0x0, {{}, {@void, @val={0xc, 0x99, {0x1, 0x73}}}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0xf00, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40408c0}, 0x4000)

14:33:17 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 64)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:17 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbff250a00000008000600", @ANYRES32=r3, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r4, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r7=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x7, 0x9, 0x2, 0x32, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, 0x89, 0x8, 0x8, 0x9}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x29, 0x8, 0x3f, 0x7, 0x23, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x7800, 0x1, 0x8}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'erspan0\x00', &(0x7f0000000b00)={'tunl0\x00', 0x0, 0x20, 0x20, 0xfffff800, 0x6, {{0xb, 0x4, 0x2, 0x7, 0x2c, 0x68, 0x0, 0x1, 0x2f, 0x0, @broadcast, @multicast1, {[@ssrr={0x89, 0x17, 0xd9, [@rand_addr=0x64010102, @remote, @private=0xa010100, @private=0xa010102, @loopback]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, &(0x7f0000000800)={'syztnl2\x00', &(0x7f0000000780)={'tunl0\x00', <r10=>r7, 0xff00, 0x80, 0x8, 0x1, {{0xd, 0x4, 0x1, 0x0, 0x34, 0x66, 0x0, 0x2, 0x2f, 0x0, @multicast1, @remote, {[@rr={0x7, 0x1f, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @local, @multicast2, @multicast2, @broadcast]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000840)={'syztnl1\x00', <r11=>r7, 0x7, 0x7, 0x2, 0x7fff, {{0x1e, 0x4, 0x3, 0x2, 0x78, 0x66, 0x0, 0xfa, 0x4, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ra={0x94, 0x4, 0x1}, @end, @cipso={0x86, 0x2a, 0x3, [{0x1, 0x9, "db94caa8e24d40"}, {0x0, 0xd, "4650eb064476ea179e31f2"}, {0x2, 0xe, "ef4eb587ead40635b6e070f9"}]}, @timestamp={0x44, 0x28, 0x2a, 0x0, 0x8, [0x4, 0x9, 0x43, 0xc03, 0x80, 0x0, 0x9, 0x6, 0x3f]}, @timestamp_addr={0x44, 0xc, 0x3a, 0x1, 0x7, [{@empty, 0x80000000}]}]}}}}})
r12 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r12, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r12, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000a80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a40)={&(0x7f0000000dc0)={0x5c4, r0, 0x8, 0x70bd26, 0x25dfdc01, {}, [{{0x8, 0x1, r3}, {0x19c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1000000}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x1f4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc9}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x589}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x104, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x100007}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x452}}}]}}, {{0x8, 0x1, r9}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x5c4}, 0x1, 0x0, 0x0, 0x20000870}, 0x4001)

14:33:17 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1400000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:17 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xa, &(0x7f0000000080)={&(0x7f0000000100)={0x60, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x880)

14:33:17 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xa, &(0x7f0000000080)={&(0x7f0000000100)={0x60, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x880)

14:33:17 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1500000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1348.035962][T25200] FAULT_INJECTION: forcing a failure.
[ 1348.035962][T25200] name failslab, interval 1, probability 0, space 0, times 0
[ 1348.085529][T25200] CPU: 0 PID: 25200 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1348.097272][T25200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1348.107328][T25200] Call Trace:
[ 1348.110622][T25200]  dump_stack_lvl+0x1e2/0x24b
[ 1348.115392][T25200]  ? panic+0x7d7/0x7d7
[ 1348.119466][T25200]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1348.124925][T25200]  ? __lookup_slow+0x2f7/0x400
[ 1348.129690][T25200]  ? lookup_one_len+0x6a0/0x6a0
[ 1348.134802][T25200]  dump_stack+0x15/0x17
[ 1348.138956][T25200]  should_fail+0x3c0/0x510
[ 1348.143372][T25200]  __should_failslab+0x9f/0xe0
[ 1348.148135][T25200]  should_failslab+0x9/0x20
[ 1348.152632][T25200]  kmem_cache_alloc+0x3f/0x300
[ 1348.157392][T25200]  ? new_inode_pseudo+0x7c/0x220
[ 1348.162323][T25200]  ? try_lookup_one_len+0x660/0x660
[ 1348.167536][T25200]  ? device_create+0x2bc/0x2e0
[ 1348.172297][T25200]  new_inode_pseudo+0x7c/0x220
[ 1348.177057][T25200]  new_inode+0x28/0x1c0
[ 1348.181221][T25200]  ? start_creating+0x206/0x320
[ 1348.186075][T25200]  debugfs_create_dir+0xf3/0x450
[ 1348.191012][T25200]  bdi_register_va+0x260/0x600
[ 1348.195770][T25200]  bdi_register+0xd1/0x120
[ 1348.200268][T25200]  ? __device_add_disk+0x536/0x11d0
[ 1348.205459][T25200]  ? bdi_register_va+0x600/0x600
[ 1348.210391][T25200]  ? vsnprintf+0x1bfd/0x1cd0
[ 1348.214977][T25200]  ? __kasan_check_read+0x11/0x20
[ 1348.219995][T25200]  ? blk_alloc_devt+0xd4/0x320
[ 1348.224750][T25200]  __device_add_disk+0x5cb/0x11d0
[ 1348.229773][T25200]  ? device_add_disk+0x40/0x40
[ 1348.234541][T25200]  ? loop_add+0x380/0x760
[ 1348.238866][T25200]  ? vsprintf+0x40/0x40
[ 1348.243022][T25200]  device_add_disk+0x2a/0x40
[ 1348.247625][T25200]  loop_add+0x58f/0x760
[ 1348.251780][T25200]  loop_control_ioctl+0x564/0x740
[ 1348.256802][T25200]  ? loop_remove+0xb0/0xb0
[ 1348.261215][T25200]  ? __fget_files+0x310/0x370
[ 1348.265896][T25200]  ? security_file_ioctl+0xb1/0xd0
[ 1348.271005][T25200]  ? loop_remove+0xb0/0xb0
[ 1348.275420][T25200]  __se_sys_ioctl+0x115/0x190
[ 1348.280093][T25200]  __x64_sys_ioctl+0x7b/0x90
[ 1348.284678][T25200]  do_syscall_64+0x34/0x70
[ 1348.289096][T25200]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1348.294978][T25200] RIP: 0033:0x7f77b238e0d9
[ 1348.299390][T25200] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1348.318998][T25200] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1348.327409][T25200] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:33:17 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xa, &(0x7f0000000080)={&(0x7f0000000100)={0x60, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x880)

14:33:17 executing program 0:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "1012abf08b2273a5", "209f08db70655ae3d2b4f9df0824f51a256b032e8bfa076847c0c9b1a7cbb57a", "ba07abce", "5b3b572ad708ae9a"}, 0x38)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

[ 1348.335379][T25200] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1348.343364][T25200] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1348.351339][T25200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1348.359312][T25200] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1348.434450][T25200] debugfs: out of free dentries, can not create directory '7:0'
14:33:18 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
eventfd2(0x5, 0xc0000)

14:33:18 executing program 0:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "1012abf08b2273a5", "209f08db70655ae3d2b4f9df0824f51a256b032e8bfa076847c0c9b1a7cbb57a", "ba07abce", "5b3b572ad708ae9a"}, 0x38)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "1012abf08b2273a5", "209f08db70655ae3d2b4f9df0824f51a256b032e8bfa076847c0c9b1a7cbb57a", "ba07abce", "5b3b572ad708ae9a"}, 0x38) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

14:33:18 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1600000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:18 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 65)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:18 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r1, 0x800, 0xfffffffc, 0x0, {{}, {@void, @val={0xc, 0x99, {0x1, 0x73}}}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0xf00, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40408c0}, 0x4000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r1, 0x800, 0xfffffffc, 0x0, {{}, {@void, @val={0xc, 0x99, {0x1, 0x73}}}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x28}}, 0x0) (async)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0xf00, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40408c0}, 0x4000) (async)

14:33:18 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) (async)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbff250a00000008000600", @ANYRES32=r3, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) (async)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r4, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r7=>0x0}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x7, 0x9, 0x2, 0x32, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, 0x89, 0x8, 0x8, 0x9}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x29, 0x8, 0x3f, 0x7, 0x23, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x7800, 0x1, 0x8}}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'erspan0\x00', &(0x7f0000000b00)={'tunl0\x00', 0x0, 0x20, 0x20, 0xfffff800, 0x6, {{0xb, 0x4, 0x2, 0x7, 0x2c, 0x68, 0x0, 0x1, 0x2f, 0x0, @broadcast, @multicast1, {[@ssrr={0x89, 0x17, 0xd9, [@rand_addr=0x64010102, @remote, @private=0xa010100, @private=0xa010102, @loopback]}]}}}}}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, &(0x7f0000000800)={'syztnl2\x00', &(0x7f0000000780)={'tunl0\x00', <r10=>r7, 0xff00, 0x80, 0x8, 0x1, {{0xd, 0x4, 0x1, 0x0, 0x34, 0x66, 0x0, 0x2, 0x2f, 0x0, @multicast1, @remote, {[@rr={0x7, 0x1f, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @local, @multicast2, @multicast2, @broadcast]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000840)={'syztnl1\x00', <r11=>r7, 0x7, 0x7, 0x2, 0x7fff, {{0x1e, 0x4, 0x3, 0x2, 0x78, 0x66, 0x0, 0xfa, 0x4, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ra={0x94, 0x4, 0x1}, @end, @cipso={0x86, 0x2a, 0x3, [{0x1, 0x9, "db94caa8e24d40"}, {0x0, 0xd, "4650eb064476ea179e31f2"}, {0x2, 0xe, "ef4eb587ead40635b6e070f9"}]}, @timestamp={0x44, 0x28, 0x2a, 0x0, 0x8, [0x4, 0x9, 0x43, 0xc03, 0x80, 0x0, 0x9, 0x6, 0x3f]}, @timestamp_addr={0x44, 0xc, 0x3a, 0x1, 0x7, [{@empty, 0x80000000}]}]}}}}}) (async)
r12 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r12, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r12, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000a80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a40)={&(0x7f0000000dc0)={0x5c4, r0, 0x8, 0x70bd26, 0x25dfdc01, {}, [{{0x8, 0x1, r3}, {0x19c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1000000}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x1f4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc9}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x589}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x104, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x100007}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x452}}}]}}, {{0x8, 0x1, r9}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x5c4}, 0x1, 0x0, 0x0, 0x20000870}, 0x4001)

14:33:18 executing program 0:
setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "1012abf08b2273a5", "209f08db70655ae3d2b4f9df0824f51a256b032e8bfa076847c0c9b1a7cbb57a", "ba07abce", "5b3b572ad708ae9a"}, 0x38) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:18 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1700000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1348.915597][T25232] FAULT_INJECTION: forcing a failure.
[ 1348.915597][T25232] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1348.954773][T25232] CPU: 1 PID: 25232 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1348.966508][T25232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1348.976559][T25232] Call Trace:
[ 1348.979854][T25232]  dump_stack_lvl+0x1e2/0x24b
[ 1348.984538][T25232]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1348.989993][T25232]  ? stack_trace_save+0x12d/0x1f0
[ 1348.995029][T25232]  dump_stack+0x15/0x17
[ 1348.999183][T25232]  should_fail+0x3c0/0x510
[ 1349.003612][T25232]  should_fail_alloc_page+0x50/0x60
[ 1349.008806][T25232]  __alloc_pages_nodemask+0x1c0/0x890
14:33:18 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
getpeername$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000740)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000fedbff250a00000008000600", @ANYRES32=r3, @ANYBLOB="08000b000010000005002e00010000000500370000000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000000}, 0x48090) (async, rerun: 32)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) (rerun: 32)
r4 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r4, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r7=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r8=>0x0, 0x4, 0x7, 0x9, 0x2, 0x32, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, 0x89, 0x8, 0x8, 0x9}}) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000002c0)=0x14) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x29, 0x8, 0x3f, 0x7, 0x23, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x7800, 0x1, 0x8}}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'erspan0\x00', &(0x7f0000000b00)={'tunl0\x00', 0x0, 0x20, 0x20, 0xfffff800, 0x6, {{0xb, 0x4, 0x2, 0x7, 0x2c, 0x68, 0x0, 0x1, 0x2f, 0x0, @broadcast, @multicast1, {[@ssrr={0x89, 0x17, 0xd9, [@rand_addr=0x64010102, @remote, @private=0xa010100, @private=0xa010102, @loopback]}]}}}}}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, &(0x7f0000000800)={'syztnl2\x00', &(0x7f0000000780)={'tunl0\x00', <r10=>r7, 0xff00, 0x80, 0x8, 0x1, {{0xd, 0x4, 0x1, 0x0, 0x34, 0x66, 0x0, 0x2, 0x2f, 0x0, @multicast1, @remote, {[@rr={0x7, 0x1f, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @remote, @local, @multicast2, @multicast2, @broadcast]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000840)={'syztnl1\x00', <r11=>r7, 0x7, 0x7, 0x2, 0x7fff, {{0x1e, 0x4, 0x3, 0x2, 0x78, 0x66, 0x0, 0xfa, 0x4, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ra={0x94, 0x4, 0x1}, @end, @cipso={0x86, 0x2a, 0x3, [{0x1, 0x9, "db94caa8e24d40"}, {0x0, 0xd, "4650eb064476ea179e31f2"}, {0x2, 0xe, "ef4eb587ead40635b6e070f9"}]}, @timestamp={0x44, 0x28, 0x2a, 0x0, 0x8, [0x4, 0x9, 0x43, 0xc03, 0x80, 0x0, 0x9, 0x6, 0x3f]}, @timestamp_addr={0x44, 0xc, 0x3a, 0x1, 0x7, [{@empty, 0x80000000}]}]}}}}}) (async)
r12 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r12, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r12, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'})
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000a80)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a40)={&(0x7f0000000dc0)={0x5c4, r0, 0x8, 0x70bd26, 0x25dfdc01, {}, [{{0x8, 0x1, r3}, {0x19c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1000000}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x1f4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc9}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x589}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x104, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x100007}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x452}}}]}}, {{0x8, 0x1, r9}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x5c4}, 0x1, 0x0, 0x0, 0x20000870}, 0x4001)

14:33:18 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)

14:33:18 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)

14:33:18 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48)

[ 1349.014172][T25232]  ? device_add_disk+0x2a/0x40
[ 1349.018930][T25232]  ? loop_add+0x58f/0x760
[ 1349.023263][T25232]  ? loop_control_ioctl+0x564/0x740
[ 1349.028453][T25232]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1349.034494][T25232]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 1349.040025][T25232]  ? __kasan_check_write+0x14/0x20
[ 1349.045129][T25232]  ? lockref_get+0x1b3/0x2a0
[ 1349.049712][T25232]  ? __kasan_check_write+0x14/0x20
[ 1349.054814][T25232]  __get_free_pages+0xe/0x30
[ 1349.059398][T25232]  selinux_genfs_get_sid+0x56/0x250
[ 1349.064586][T25232]  inode_doinit_with_dentry+0x858/0x1030
[ 1349.070211][T25232]  ? sb_finish_set_opts+0x7f0/0x7f0
[ 1349.075404][T25232]  ? current_time+0x1c4/0x310
[ 1349.080076][T25232]  selinux_d_instantiate+0x27/0x40
[ 1349.085182][T25232]  security_d_instantiate+0xa5/0x100
[ 1349.090469][T25232]  d_instantiate+0x55/0x90
[ 1349.094885][T25232]  debugfs_create_dir+0x247/0x450
[ 1349.099900][T25232]  bdi_register_va+0x260/0x600
[ 1349.104654][T25232]  bdi_register+0xd1/0x120
[ 1349.109063][T25232]  ? __device_add_disk+0x536/0x11d0
[ 1349.114344][T25232]  ? bdi_register_va+0x600/0x600
[ 1349.119273][T25232]  ? vsnprintf+0x1bfd/0x1cd0
[ 1349.123854][T25232]  ? __kasan_check_read+0x11/0x20
[ 1349.128881][T25232]  ? blk_alloc_devt+0xd4/0x320
[ 1349.133638][T25232]  __device_add_disk+0x5cb/0x11d0
[ 1349.138658][T25232]  ? device_add_disk+0x40/0x40
[ 1349.143417][T25232]  ? loop_add+0x380/0x760
[ 1349.147750][T25232]  ? vsprintf+0x40/0x40
[ 1349.151900][T25232]  device_add_disk+0x2a/0x40
[ 1349.156486][T25232]  loop_add+0x58f/0x760
[ 1349.160635][T25232]  loop_control_ioctl+0x564/0x740
[ 1349.165655][T25232]  ? loop_remove+0xb0/0xb0
[ 1349.170072][T25232]  ? __fget_files+0x310/0x370
[ 1349.174740][T25232]  ? security_file_ioctl+0xb1/0xd0
[ 1349.179841][T25232]  ? loop_remove+0xb0/0xb0
[ 1349.184247][T25232]  __se_sys_ioctl+0x115/0x190
[ 1349.188912][T25232]  __x64_sys_ioctl+0x7b/0x90
[ 1349.193491][T25232]  do_syscall_64+0x34/0x70
[ 1349.197902][T25232]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1349.203786][T25232] RIP: 0033:0x7f77b238e0d9
[ 1349.208192][T25232] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1349.227789][T25232] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1349.236205][T25232] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1349.244176][T25232] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1349.252147][T25232] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1349.260117][T25232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1349.268087][T25232] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:19 executing program 1:
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x16, 0xfc, 0x27}, {0x3f, 0x0, 0x0, 0x3}]})

14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x3, 0x0, 0x6, 0xa, 0x30}, @map_fd={0x18, 0xf, 0x1, 0x0, r1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @ldst={0x0, 0x1, 0x6, 0x8, 0x3, 0x8, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2ae}, @exit, @ldst={0x0, 0x3, 0x1, 0x7, 0x3, 0xfffffffffffffffe, 0xfffffffffffffff0}], &(0x7f0000000080)='GPL\x00', 0x9, 0xe3, &(0x7f00000000c0)=""/227, 0x41100, 0x1e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0x10001, 0x2}, 0x10}, 0x80)

14:33:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1800000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:19 executing program 2:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

14:33:19 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 66)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:19 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x28, r1, 0x800, 0xfffffffc, 0x0, {{}, {@void, @val={0xc, 0x99, {0x1, 0x73}}}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x28}}, 0x0) (async)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0xf00, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40408c0}, 0x4000)

14:33:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x3, 0x0, 0x6, 0xa, 0x30}, @map_fd={0x18, 0xf, 0x1, 0x0, r1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @ldst={0x0, 0x1, 0x6, 0x8, 0x3, 0x8, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2ae}, @exit, @ldst={0x0, 0x3, 0x1, 0x7, 0x3, 0xfffffffffffffffe, 0xfffffffffffffff0}], &(0x7f0000000080)='GPL\x00', 0x9, 0xe3, &(0x7f00000000c0)=""/227, 0x41100, 0x1e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0x10001, 0x2}, 0x10}, 0x80)

14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0) (async)
connect$bt_sco(r1, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x3, 0x0, 0x6, 0xa, 0x30}, @map_fd={0x18, 0xf, 0x1, 0x0, r1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @ldst={0x0, 0x1, 0x6, 0x8, 0x3, 0x8, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_val={0x18, 0x6, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2ae}, @exit, @ldst={0x0, 0x3, 0x1, 0x7, 0x3, 0xfffffffffffffffe, 0xfffffffffffffff0}], &(0x7f0000000080)='GPL\x00', 0x9, 0xe3, &(0x7f00000000c0)=""/227, 0x41100, 0x1e, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0x10001, 0x2}, 0x10}, 0x80)

14:33:19 executing program 2:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})

[ 1349.772531][T25269] FAULT_INJECTION: forcing a failure.
[ 1349.772531][T25269] name failslab, interval 1, probability 0, space 0, times 0
[ 1349.845575][T25269] CPU: 1 PID: 25269 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1349.857322][T25269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1349.867374][T25269] Call Trace:
[ 1349.870674][T25269]  dump_stack_lvl+0x1e2/0x24b
[ 1349.875352][T25269]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1349.880927][T25269]  ? __free_one_page+0x905/0xa30
[ 1349.885862][T25269]  dump_stack+0x15/0x17
[ 1349.890013][T25269]  should_fail+0x3c0/0x510
[ 1349.894423][T25269]  __should_failslab+0x9f/0xe0
[ 1349.899183][T25269]  should_failslab+0x9/0x20
[ 1349.903679][T25269]  kmem_cache_alloc+0x3f/0x300
[ 1349.908436][T25269]  ? __d_alloc+0x2d/0x6b0
[ 1349.912757][T25269]  __d_alloc+0x2d/0x6b0
[ 1349.916902][T25269]  ? avc_has_perm_noaudit+0x358/0x4c0
[ 1349.922264][T25269]  d_alloc_parallel+0xe6/0x1330
[ 1349.927104][T25269]  ? avc_has_perm_noaudit+0x2ed/0x4c0
[ 1349.932470][T25269]  ? avc_denied+0x1b0/0x1b0
[ 1349.936966][T25269]  ? __reset_page_owner+0xa0/0x160
[ 1349.942069][T25269]  ? d_hash_and_lookup+0x200/0x200
[ 1349.947179][T25269]  ? selinux_inode_permission+0x439/0x670
[ 1349.952896][T25269]  ? selinux_inode_follow_link+0x3c0/0x3c0
[ 1349.958696][T25269]  __lookup_slow+0x14e/0x400
[ 1349.963279][T25269]  ? __d_lookup+0x4da/0x530
[ 1349.967772][T25269]  ? lookup_one_len+0x6a0/0x6a0
[ 1349.972618][T25269]  lookup_one_len+0x43d/0x6a0
[ 1349.977289][T25269]  ? try_lookup_one_len+0x660/0x660
[ 1349.982498][T25269]  start_creating+0x166/0x320
[ 1349.987172][T25269]  __debugfs_create_file+0x75/0x4a0
[ 1349.992369][T25269]  ? up_write+0x19/0xd0
[ 1349.996565][T25269]  debugfs_create_file+0x4a/0x60
[ 1350.001495][T25269]  bdi_register_va+0x2ab/0x600
[ 1350.006253][T25269]  bdi_register+0xd1/0x120
[ 1350.010653][T25269]  ? __device_add_disk+0x536/0x11d0
[ 1350.015837][T25269]  ? bdi_register_va+0x600/0x600
[ 1350.020750][T25269]  ? vsnprintf+0x1bfd/0x1cd0
[ 1350.025320][T25269]  ? __kasan_check_read+0x11/0x20
[ 1350.030325][T25269]  ? blk_alloc_devt+0xd4/0x320
[ 1350.035065][T25269]  __device_add_disk+0x5cb/0x11d0
[ 1350.040067][T25269]  ? device_add_disk+0x40/0x40
[ 1350.045075][T25269]  ? loop_add+0x380/0x760
[ 1350.049382][T25269]  ? vsprintf+0x40/0x40
[ 1350.053520][T25269]  device_add_disk+0x2a/0x40
[ 1350.058088][T25269]  loop_add+0x58f/0x760
[ 1350.062221][T25269]  loop_control_ioctl+0x564/0x740
[ 1350.067219][T25269]  ? loop_remove+0xb0/0xb0
[ 1350.071725][T25269]  ? __fget_files+0x310/0x370
[ 1350.076382][T25269]  ? security_file_ioctl+0xb1/0xd0
[ 1350.081475][T25269]  ? loop_remove+0xb0/0xb0
[ 1350.085869][T25269]  __se_sys_ioctl+0x115/0x190
[ 1350.090524][T25269]  __x64_sys_ioctl+0x7b/0x90
[ 1350.095090][T25269]  do_syscall_64+0x34/0x70
[ 1350.099489][T25269]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1350.105358][T25269] RIP: 0033:0x7f77b238e0d9
[ 1350.109754][T25269] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1350.129339][T25269] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1350.137729][T25269] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x14800, 0x0)
ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000040)=0xfb)
request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='\x00', 0xfffffffffffffffa)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r3 = syz_open_dev$vcsu(&(0x7f0000001380), 0x9, 0x30400)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, 0x0)
connect$bt_sco(r4, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r5 = syz_open_dev$vcsu(&(0x7f00000013c0), 0xff, 0x200002)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0)
connect$bt_sco(r6, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0x6, &(0x7f0000000180)=@raw=[@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xf}], &(0x7f0000001280)='GPL\x00', 0x29883936, 0x23, &(0x7f00000012c0)=""/35, 0x41000, 0x12, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000001300)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000001340)={0x3, 0x9, 0xf433, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001400)=[r0, r3, r0, r4, r5, r6]}, 0x80)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r6, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x14, 0x0, 0x208, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}}, 0x4008820)
ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000240)={0x1, 0x1000, "dd6b80ffcf1eca6e0486eba97e7e862fc17b36cce49028ef0e02b19527fdd4b0782b9430f03056e2c3cac11cd06ce96f177cad20abc0f9ad841a3aa70d15128cc15292c99be3b4202d2eced6d93f0b3b020a17af41f9dd47d1b1ae4f47ca4968995782d206d0428242719441b9d684d6354cbef687df266c0ccaac433040a45a0343abecd645ebde75960bacab0f7be3fff0057465b529b260e88d63ed85a76a638a91e8e01618ad0bf07e197d37960300e499e4db425f17ff02d9947f0d31d7a3c2766745edfd746c5368011e367efb9addaff7283507fc9103875ea37332c13a28e1629dcd2b929be5c5a77f03666bd2e50ed5bcd47ba9704f2c88c8442b871a0f08a18352a102e866e84e0650e1d869aa5a6f11d2f8a6def341e009b1cae815ad6cddcde17b33082f180744ac26517259948596e01dc7bdfdd2e8f5beb2b2c71f21c4797bb3297c97884afe5f7466eac0e0fcfe94209a993b902d7e033f53afde4777307945ca50710ec6f0c6681084110174bd5f7426d2c5d1a998e4d293ed14b30ad83f4d4f2811910142a9ce2ebea1b5dc3f31ec72a3d5543b4a7e8e5219e0cce1115e3ebb18381f50f1ab702f5e2834d0f880cdb6accd6a7a5db94e511059da798730541166b8fe944322c01028e4be2ff0ef78cffb625f54a30af6af3f7ae7c55e68fc41c8c3570a70b1126840d73cea5ac4b05690398e5ac72e72e6d6404044015fdc9bd6019eb5e0b60f14d9956f5d5c4cbbc70e5f2163e741be236127f8a5a7563fbbcfb6fe05eab13f115358dec6fc8cd4e59c4ffbc6ecb71080639ec577fe53d85f07041078a97e70523e96e9f3130401535cff62291f11bf51d16bbfaf1bc903252085e50eac053301cee6ab2c07596953cd020736c4c576e03c1942f1a4144237f194e1a1168153e90f9a355ecad1edd16a63b99e1655359081516b51bff35219a071ac2d7a55b9905c308f0ddbefa6106cc787661a3b140a87e0fb3aa03a021027400f2351e190839ece4f6259ad9d61db13fc2ed5e77cc454d4d09574dcceee66070f0b631eeef5a044ee4d7a871a5d2a5526448f171c75f3d2c01d017272bc470f520b915d3273ca6f241c866176db9db0951dc3118db2d650fdb44a5ac0281a76603f99663c5800101e21daaf52d0bf5715a1781d737a3a35bb7b93281e6fca62f77bca5223e3657174814c7afd48ae338dd8bdd4068b6146376c46b506e9b9444e697a01ea29fb2cdad1821370e1196265eec076ed48af3ac3780d828c7282e6094be3ea16e839d09fd9d2c2dbff35c37cd760c8341a09305faeda7efb6968f2aeb7fd8bbc2050614e69e5e08eec55309f2b31baa9696ea4a8bf8720b9f7817b8d772c834b991b8854b99a1461d4d5f9eaa70723747d9851d828a2a6fdc6726c143ed7a4153a6509b00fc6604f71c3ba425989f27107d56d2600acb94333954aa617f000477a9e27a2b89dce291e89b189b0c4dfaf42cca5e9ac4ddb72dc949b44d83f8422b696957feea4c329bb8a7aca044a8f167cd2e8d57d89d7f11a93166285538a85b352761f1540447fafa958bcbfa93c38fa24a6b576e02915d34a4ce96d8fcce9df21d0a394b8027c1449dba735aa38244b50f4d18227c1cf4098176750a0008741a18d01c005e26829c17eacf603f46b7987ff489e2daa22e304453c2555d01b73b1f22472b2dbd15768cb1bcec9bddd8e8b10106932e805ae713a3f4b3065bc774f19d0af19f07487f988b1513da26387b25e79f9cddc4c5268b79a01295a0d8418ceafa3fa907767292b0b2b940d34968bd15b70031979efe26fe8bdaf4282ce38657a01f052c9affa1db0c152040bce5a996243f2a0df515f99d4db9154634d101c074259ea3c4def90ca1ac0bc48768b662bf4cb72b190c299852e223885b7c1c1364f05a3341c70b95bf29d6f00788612942088b200c7bffb644d1ddbaf026948c23cd75705b284df6aac7f1c7fbf301e85eeee792a978baa1b409ce791255b6f16ab3279918e97adb9df6d137ac2765c0894e82452328bb9f9764827d7d1ebfc8095182af2d117911ef9fa5b5c7cbae85f6b27b9c58b9cb63496cfb3e7d8ba66e1937da3ca1e11d72900c11dad6bb21292de31a562f66d03d4943c538b9d5852374cbca9db8116e58ffaca5d7516b5777c8921f6f9df59d7e309b6502d85f8d93b40509105cf20819a197858abf172e0250121a94a4a2a8795dc449e9d2656af52fc575375b54a4940dbfe06d2fc9fe945a9e856b0afba04cfa2bed6f6ae803b76f1541ae4744b05f30e2093405b24e7c2e20848d7ca6616d14bf2e4e99ea029ca32efb2d18a7848ab282ccd1e7ca753f40f184933994ec9b8aa30a1d31655b00d29b11834b51156ae65d0b363640e31ed9f82239424a4fa330c6af3c7cc39957249d968d4fb8b4878a3b38021fc77a17261be2dfe3d1e01ffadc6e33b7d4d5e7d186ea3cd0e6743ecdfcff4ff38cd8ce908544ce363367827c900495e4ef9b4d398c099cf247519f9d888a8cd129ca0f064f6de8ddfc7520be4cbe5d12609daea2f64f34e62aa75a5acc693deb99509426d295540760960cdcb7e35d0fb0b43903ef2953043d3dbd9d27fa8255085d0a920d8a4a6de6ce54b69360c8beaca4e8d3f3a60bddadac53063aff36c817fdbab790ace0ac7e433c3a251a36179c09ee8b235d2f7d1e716d82350fdb24438026cbdd2ce0330234d243d7d901a2e99ae964efa5497232919e3796679185e7c80a4d89c62a9f64f9784d19e556a24264481f243b73f04deffecd07c6a6c4ddecdb5fafbd92f93f7ef95967f63828b453add49b8c3e0821d88ad7eca46a36c9cd24c6c91993b59b9828489c6601a5ba7e4371b82e5da7a11ef5894dc7a0bd4ab0248bbbc12cc5bde6e9041ff6079b90e1d35088ee9afa471e64c054028618b0f684611e82a7fea19df0c7560ae6c9920779cbf11f474514d32608fe82ca0830e9e21c1e4548c9e46a87016260a457da2bc1c65c9b425bcc3fce015c7ab22406147d7af36333f17b1bdcfe6b4dd78655aba1cfc0a109d2b497f4d3bfbfd94d45ae5a00a5c7f1c21597df31dc1ee2408f48bfec41048834e7a642922444f8cba18de587ea5ab035127f8bba14f5c27989af372f9f280d7f4fc42a6a565dfb08e0be8278a3a1a82a61baf4bdfb566090c77a8ffa5adcc64a7dca318c2639ddf2adf3a4af593ec5c2f4bd533de209d5cf91ca9fbfd84c54e4caf68e7553c29c5288c9583ba3f170a7e7545fcc288a346456a1d4b2124900e58a3561244c1215df05a817ef4368c26cda5719413e97ca5afe98c81b4b5b639e62e06bedb695fe63a250980f00cf458abc975fc61d8477b9937e136e25bb47901b83f80f9bef31de11e932112445694ed0fcee0acfa98d22c1b4c773ca28496ea8d576a957a92970e6e9d2846514a86a78b164acc70cbf8a017ea2392a08dc3f0fd324f72c5e73eaad99dacd768b626f033c5cd5f2ecf395708a51d92df6385de17575c6b95bcdea774466c7dc7fc47bb28bfe5f749c759712df39b5d5c32ec6abcf4d39bdd67ab420fe465d273b0fd88f500e095527ecb78d97588444a2a0f86482e4f9a5738fcd979c18297602dbc9de4333986aaa74dec6d0e87c7727f1be97e6115782df4f12412201846fb5324054839ec91a744ada22b38cb36b7170f435653f05e598de9428135f8124ef00ff268b28f853c83ba8e1e5d2502d6e66f6a9a210ad8dbe41c279b809df3f5280f577049817f5937ad2cfe549cb0fcf4fb06d35bd421d45c23e194615d5f67216eb0ca99cccb44e62cb7850b5d393bc69bd4daeca533f9114e063e39ac07e62c2b09986e49757d0a65e167f503758b8e73e9ec13da950b51109b9ee05453c61f7a379be63e10490d2139629142778d6427903a75fbe0f4dd9cb356cdfef8dd795445e7af11948902709fce0da8761af7ff77ec1e2225e5df38e45632f42df04e7c377f03d09ef77fd196ccecba74183722b9e08ad99f665b3559d49598c2e1f4253798c940cbde370169cd11c5c51360fb00a860fb502e876f8cdc752e5e2214465a198a3210fcb68606eb7c337dd89c3dbe5a5007ccaf02ac4723a2186419e165e4af97e4927c21298744e7a1c1840380b3ae828d43a1b62807ad7c48d23c22c2a177686fbd9e7a0b0c6e15161316a0079cb68874362a2a2151c105fb692e9471654ad64d7e7a74ab85e8741b07bb602ee349186707699aec8475880847cc207c82b8cdc0d42ddd7d2ce8151df6d85d09078f067cb8a3e01b90d68bd894c1140cb3a685426bacec7eb39d795f9e85a06952783722d67cc8ac493c7ae5112d41e7333cba7d51f41f36408974c4d391762c938fdb6f665ad52646dc396a817160f34a78c5812266bfcc634d70f2f4f4cd5ee22b6b651e328979104d32e4397611e8f00089f64ecefa00480165ba7989329b8e8968248949f98f00c76d1493ab953a21f294d7b273fdee1a55aa698ae435cae345c40f11866e463ca75d2e9d15a809c8ed9b1435884e59534078b300ea4c6619f568c6c94b88bc8c42672864042592704f460eb1bae5b83fafe607d2509dfe0c8754af2963979b47058568112fcbb79f2cca98c13e16c7ead81138043bc8264fde8cef943151be128e46758418460dd3a15cd1c09fcf97a09b34c5135a5de9e6a04cb83b7dfaf3bced498146cab1a902c0c1ac9fe0e1aa133f40ef709fa02ad447174f88a305bbd521ddc88bf20baec87aceecb8737b0f89d71eb0f7e699f02dbf73a67500027223304b68cf6e491345923c00ee20a329471ef5a9ff307588d40e22aedc2d06de577af593aac705691a925a061b081a8f5cec81e22dcbcd4e1babcb333d0ea956c3afed6d4b7e096c63ad868fee4888d7144e6c2341fd11a8b229e9eb42bcf7da35c86ed7d61430a680a32779c37fd18ea70975e4000141e4edc05713beb3662ddce2c74b21b3b581ada46be62c4b8d1ee02ea747ec15af7f6621ba0d3977671e746721e47527fe6a9db84d4a8e0e3c5e2c28a4598b2520e3c45c1692fceac02158a6979ef3a7ccc333bceeca33af2880db3109513ca6f994f31a27c81639cc651f9c4787bc901c22e3a107ec7d652131a3ea3fd4a1e8fc133dcef6868f988f0be614afb2720cf24d97b302df52627eb6109d90e9ee6fd79b8b7db4137cb7cded66c10307d64018a8c58e8c74a3fb644768cb3fc92421f499f9f601c061f12f616c955603538dbe17c7e02cee9afcdb0ca433a1e26219ddeb98ce12a5c278c298254732a69952e502a83b1f37b93dbc40dc9a82e76008afbf30e8c8b1c2bc0fd155151e098f963c63d681970a86bba18082874b512f577e99c772b37d6d9a92c9c53d5c455d951f786c0135ef9587d1ba5eed1b21cec18e175f067e169516cac9a09350095db1b890330a6bc74de2a300d03fae69ee90a5d94a886b172eca4b708660991a80085e98c1bdb3e8072d00b73e30d54cc385b76b0070919b1dcf2433bfe95fc3ede7f6d0b59aa0b6265f3030a61adac30dcff6d8ede46b3d5d4d553aa35a1ed7b49f19d95b4c2a53f45e61e12ca6b174a7776becf0dcde1518a8b739694694cabb2fcfbc13c7e2ba34dc00b9388a464ee9ed7decd73b87a2ee9d6ffe3def9c7150ab2c237ed5cf00c665a20ab61bf031d60fdbba11cbe9fb65bf1c14bad12d2daf6671ca518aefe4badd4c6cbed6f74bd45ce4570ea2b5d4182f12643070f497cf38c4e1464e02a2c6f672a61732619e436e3dd1a155ed78ac8d620683"})

14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x14800, 0x0)
ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000040)=0xfb) (async)
request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='\x00', 0xfffffffffffffffa)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0) (async)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
r3 = syz_open_dev$vcsu(&(0x7f0000001380), 0x9, 0x30400) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, 0x0) (async)
connect$bt_sco(r4, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r5 = syz_open_dev$vcsu(&(0x7f00000013c0), 0xff, 0x200002) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0) (async)
connect$bt_sco(r6, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0x6, &(0x7f0000000180)=@raw=[@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xf}], &(0x7f0000001280)='GPL\x00', 0x29883936, 0x23, &(0x7f00000012c0)=""/35, 0x41000, 0x12, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000001300)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000001340)={0x3, 0x9, 0xf433, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001400)=[r0, r3, r0, r4, r5, r6]}, 0x80) (async)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r6, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x14, 0x0, 0x208, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}}, 0x4008820) (async)
ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000240)={0x1, 0x1000, "dd6b80ffcf1eca6e0486eba97e7e862fc17b36cce49028ef0e02b19527fdd4b0782b9430f03056e2c3cac11cd06ce96f177cad20abc0f9ad841a3aa70d15128cc15292c99be3b4202d2eced6d93f0b3b020a17af41f9dd47d1b1ae4f47ca4968995782d206d0428242719441b9d684d6354cbef687df266c0ccaac433040a45a0343abecd645ebde75960bacab0f7be3fff0057465b529b260e88d63ed85a76a638a91e8e01618ad0bf07e197d37960300e499e4db425f17ff02d9947f0d31d7a3c2766745edfd746c5368011e367efb9addaff7283507fc9103875ea37332c13a28e1629dcd2b929be5c5a77f03666bd2e50ed5bcd47ba9704f2c88c8442b871a0f08a18352a102e866e84e0650e1d869aa5a6f11d2f8a6def341e009b1cae815ad6cddcde17b33082f180744ac26517259948596e01dc7bdfdd2e8f5beb2b2c71f21c4797bb3297c97884afe5f7466eac0e0fcfe94209a993b902d7e033f53afde4777307945ca50710ec6f0c6681084110174bd5f7426d2c5d1a998e4d293ed14b30ad83f4d4f2811910142a9ce2ebea1b5dc3f31ec72a3d5543b4a7e8e5219e0cce1115e3ebb18381f50f1ab702f5e2834d0f880cdb6accd6a7a5db94e511059da798730541166b8fe944322c01028e4be2ff0ef78cffb625f54a30af6af3f7ae7c55e68fc41c8c3570a70b1126840d73cea5ac4b05690398e5ac72e72e6d6404044015fdc9bd6019eb5e0b60f14d9956f5d5c4cbbc70e5f2163e741be236127f8a5a7563fbbcfb6fe05eab13f115358dec6fc8cd4e59c4ffbc6ecb71080639ec577fe53d85f07041078a97e70523e96e9f3130401535cff62291f11bf51d16bbfaf1bc903252085e50eac053301cee6ab2c07596953cd020736c4c576e03c1942f1a4144237f194e1a1168153e90f9a355ecad1edd16a63b99e1655359081516b51bff35219a071ac2d7a55b9905c308f0ddbefa6106cc787661a3b140a87e0fb3aa03a021027400f2351e190839ece4f6259ad9d61db13fc2ed5e77cc454d4d09574dcceee66070f0b631eeef5a044ee4d7a871a5d2a5526448f171c75f3d2c01d017272bc470f520b915d3273ca6f241c866176db9db0951dc3118db2d650fdb44a5ac0281a76603f99663c5800101e21daaf52d0bf5715a1781d737a3a35bb7b93281e6fca62f77bca5223e3657174814c7afd48ae338dd8bdd4068b6146376c46b506e9b9444e697a01ea29fb2cdad1821370e1196265eec076ed48af3ac3780d828c7282e6094be3ea16e839d09fd9d2c2dbff35c37cd760c8341a09305faeda7efb6968f2aeb7fd8bbc2050614e69e5e08eec55309f2b31baa9696ea4a8bf8720b9f7817b8d772c834b991b8854b99a1461d4d5f9eaa70723747d9851d828a2a6fdc6726c143ed7a4153a6509b00fc6604f71c3ba425989f27107d56d2600acb94333954aa617f000477a9e27a2b89dce291e89b189b0c4dfaf42cca5e9ac4ddb72dc949b44d83f8422b696957feea4c329bb8a7aca044a8f167cd2e8d57d89d7f11a93166285538a85b352761f1540447fafa958bcbfa93c38fa24a6b576e02915d34a4ce96d8fcce9df21d0a394b8027c1449dba735aa38244b50f4d18227c1cf4098176750a0008741a18d01c005e26829c17eacf603f46b7987ff489e2daa22e304453c2555d01b73b1f22472b2dbd15768cb1bcec9bddd8e8b10106932e805ae713a3f4b3065bc774f19d0af19f07487f988b1513da26387b25e79f9cddc4c5268b79a01295a0d8418ceafa3fa907767292b0b2b940d34968bd15b70031979efe26fe8bdaf4282ce38657a01f052c9affa1db0c152040bce5a996243f2a0df515f99d4db9154634d101c074259ea3c4def90ca1ac0bc48768b662bf4cb72b190c299852e223885b7c1c1364f05a3341c70b95bf29d6f00788612942088b200c7bffb644d1ddbaf026948c23cd75705b284df6aac7f1c7fbf301e85eeee792a978baa1b409ce791255b6f16ab3279918e97adb9df6d137ac2765c0894e82452328bb9f9764827d7d1ebfc8095182af2d117911ef9fa5b5c7cbae85f6b27b9c58b9cb63496cfb3e7d8ba66e1937da3ca1e11d72900c11dad6bb21292de31a562f66d03d4943c538b9d5852374cbca9db8116e58ffaca5d7516b5777c8921f6f9df59d7e309b6502d85f8d93b40509105cf20819a197858abf172e0250121a94a4a2a8795dc449e9d2656af52fc575375b54a4940dbfe06d2fc9fe945a9e856b0afba04cfa2bed6f6ae803b76f1541ae4744b05f30e2093405b24e7c2e20848d7ca6616d14bf2e4e99ea029ca32efb2d18a7848ab282ccd1e7ca753f40f184933994ec9b8aa30a1d31655b00d29b11834b51156ae65d0b363640e31ed9f82239424a4fa330c6af3c7cc39957249d968d4fb8b4878a3b38021fc77a17261be2dfe3d1e01ffadc6e33b7d4d5e7d186ea3cd0e6743ecdfcff4ff38cd8ce908544ce363367827c900495e4ef9b4d398c099cf247519f9d888a8cd129ca0f064f6de8ddfc7520be4cbe5d12609daea2f64f34e62aa75a5acc693deb99509426d295540760960cdcb7e35d0fb0b43903ef2953043d3dbd9d27fa8255085d0a920d8a4a6de6ce54b69360c8beaca4e8d3f3a60bddadac53063aff36c817fdbab790ace0ac7e433c3a251a36179c09ee8b235d2f7d1e716d82350fdb24438026cbdd2ce0330234d243d7d901a2e99ae964efa5497232919e3796679185e7c80a4d89c62a9f64f9784d19e556a24264481f243b73f04deffecd07c6a6c4ddecdb5fafbd92f93f7ef95967f63828b453add49b8c3e0821d88ad7eca46a36c9cd24c6c91993b59b9828489c6601a5ba7e4371b82e5da7a11ef5894dc7a0bd4ab0248bbbc12cc5bde6e9041ff6079b90e1d35088ee9afa471e64c054028618b0f684611e82a7fea19df0c7560ae6c9920779cbf11f474514d32608fe82ca0830e9e21c1e4548c9e46a87016260a457da2bc1c65c9b425bcc3fce015c7ab22406147d7af36333f17b1bdcfe6b4dd78655aba1cfc0a109d2b497f4d3bfbfd94d45ae5a00a5c7f1c21597df31dc1ee2408f48bfec41048834e7a642922444f8cba18de587ea5ab035127f8bba14f5c27989af372f9f280d7f4fc42a6a565dfb08e0be8278a3a1a82a61baf4bdfb566090c77a8ffa5adcc64a7dca318c2639ddf2adf3a4af593ec5c2f4bd533de209d5cf91ca9fbfd84c54e4caf68e7553c29c5288c9583ba3f170a7e7545fcc288a346456a1d4b2124900e58a3561244c1215df05a817ef4368c26cda5719413e97ca5afe98c81b4b5b639e62e06bedb695fe63a250980f00cf458abc975fc61d8477b9937e136e25bb47901b83f80f9bef31de11e932112445694ed0fcee0acfa98d22c1b4c773ca28496ea8d576a957a92970e6e9d2846514a86a78b164acc70cbf8a017ea2392a08dc3f0fd324f72c5e73eaad99dacd768b626f033c5cd5f2ecf395708a51d92df6385de17575c6b95bcdea774466c7dc7fc47bb28bfe5f749c759712df39b5d5c32ec6abcf4d39bdd67ab420fe465d273b0fd88f500e095527ecb78d97588444a2a0f86482e4f9a5738fcd979c18297602dbc9de4333986aaa74dec6d0e87c7727f1be97e6115782df4f12412201846fb5324054839ec91a744ada22b38cb36b7170f435653f05e598de9428135f8124ef00ff268b28f853c83ba8e1e5d2502d6e66f6a9a210ad8dbe41c279b809df3f5280f577049817f5937ad2cfe549cb0fcf4fb06d35bd421d45c23e194615d5f67216eb0ca99cccb44e62cb7850b5d393bc69bd4daeca533f9114e063e39ac07e62c2b09986e49757d0a65e167f503758b8e73e9ec13da950b51109b9ee05453c61f7a379be63e10490d2139629142778d6427903a75fbe0f4dd9cb356cdfef8dd795445e7af11948902709fce0da8761af7ff77ec1e2225e5df38e45632f42df04e7c377f03d09ef77fd196ccecba74183722b9e08ad99f665b3559d49598c2e1f4253798c940cbde370169cd11c5c51360fb00a860fb502e876f8cdc752e5e2214465a198a3210fcb68606eb7c337dd89c3dbe5a5007ccaf02ac4723a2186419e165e4af97e4927c21298744e7a1c1840380b3ae828d43a1b62807ad7c48d23c22c2a177686fbd9e7a0b0c6e15161316a0079cb68874362a2a2151c105fb692e9471654ad64d7e7a74ab85e8741b07bb602ee349186707699aec8475880847cc207c82b8cdc0d42ddd7d2ce8151df6d85d09078f067cb8a3e01b90d68bd894c1140cb3a685426bacec7eb39d795f9e85a06952783722d67cc8ac493c7ae5112d41e7333cba7d51f41f36408974c4d391762c938fdb6f665ad52646dc396a817160f34a78c5812266bfcc634d70f2f4f4cd5ee22b6b651e328979104d32e4397611e8f00089f64ecefa00480165ba7989329b8e8968248949f98f00c76d1493ab953a21f294d7b273fdee1a55aa698ae435cae345c40f11866e463ca75d2e9d15a809c8ed9b1435884e59534078b300ea4c6619f568c6c94b88bc8c42672864042592704f460eb1bae5b83fafe607d2509dfe0c8754af2963979b47058568112fcbb79f2cca98c13e16c7ead81138043bc8264fde8cef943151be128e46758418460dd3a15cd1c09fcf97a09b34c5135a5de9e6a04cb83b7dfaf3bced498146cab1a902c0c1ac9fe0e1aa133f40ef709fa02ad447174f88a305bbd521ddc88bf20baec87aceecb8737b0f89d71eb0f7e699f02dbf73a67500027223304b68cf6e491345923c00ee20a329471ef5a9ff307588d40e22aedc2d06de577af593aac705691a925a061b081a8f5cec81e22dcbcd4e1babcb333d0ea956c3afed6d4b7e096c63ad868fee4888d7144e6c2341fd11a8b229e9eb42bcf7da35c86ed7d61430a680a32779c37fd18ea70975e4000141e4edc05713beb3662ddce2c74b21b3b581ada46be62c4b8d1ee02ea747ec15af7f6621ba0d3977671e746721e47527fe6a9db84d4a8e0e3c5e2c28a4598b2520e3c45c1692fceac02158a6979ef3a7ccc333bceeca33af2880db3109513ca6f994f31a27c81639cc651f9c4787bc901c22e3a107ec7d652131a3ea3fd4a1e8fc133dcef6868f988f0be614afb2720cf24d97b302df52627eb6109d90e9ee6fd79b8b7db4137cb7cded66c10307d64018a8c58e8c74a3fb644768cb3fc92421f499f9f601c061f12f616c955603538dbe17c7e02cee9afcdb0ca433a1e26219ddeb98ce12a5c278c298254732a69952e502a83b1f37b93dbc40dc9a82e76008afbf30e8c8b1c2bc0fd155151e098f963c63d681970a86bba18082874b512f577e99c772b37d6d9a92c9c53d5c455d951f786c0135ef9587d1ba5eed1b21cec18e175f067e169516cac9a09350095db1b890330a6bc74de2a300d03fae69ee90a5d94a886b172eca4b708660991a80085e98c1bdb3e8072d00b73e30d54cc385b76b0070919b1dcf2433bfe95fc3ede7f6d0b59aa0b6265f3030a61adac30dcff6d8ede46b3d5d4d553aa35a1ed7b49f19d95b4c2a53f45e61e12ca6b174a7776becf0dcde1518a8b739694694cabb2fcfbc13c7e2ba34dc00b9388a464ee9ed7decd73b87a2ee9d6ffe3def9c7150ab2c237ed5cf00c665a20ab61bf031d60fdbba11cbe9fb65bf1c14bad12d2daf6671ca518aefe4badd4c6cbed6f74bd45ce4570ea2b5d4182f12643070f497cf38c4e1464e02a2c6f672a61732619e436e3dd1a155ed78ac8d620683"})

[ 1350.145677][T25269] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1350.153639][T25269] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1350.161694][T25269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1350.169651][T25269] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:19 executing program 1:
socket$nl_generic(0x10, 0x3, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x16, 0xfc, 0x27}, {0x3f, 0x0, 0x0, 0x3}]})

14:33:19 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 67)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:19 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1a00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:19 executing program 1:
socket$nl_generic(0x10, 0x3, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x16, 0xfc, 0x27}, {0x3f, 0x0, 0x0, 0x3}]})

14:33:19 executing program 0:
r0 = bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x14800, 0x0)
ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000040)=0xfb)
request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, 0x0) (async)
connect$bt_sco(r2, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r3 = syz_open_dev$vcsu(&(0x7f0000001380), 0x9, 0x30400) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, 0x0)
connect$bt_sco(r4, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
r5 = syz_open_dev$vcsu(&(0x7f00000013c0), 0xff, 0x200002)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0) (async)
connect$bt_sco(r6, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0x6, &(0x7f0000000180)=@raw=[@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800}, @map_idx={0x18, 0x0, 0x5, 0x0, 0xf}], &(0x7f0000001280)='GPL\x00', 0x29883936, 0x23, &(0x7f00000012c0)=""/35, 0x41000, 0x12, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000001300)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000001340)={0x3, 0x9, 0xf433, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001400)=[r0, r3, r0, r4, r5, r6]}, 0x80)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r6, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x14, 0x0, 0x208, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}}, 0x4008820) (async)
ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000240)={0x1, 0x1000, "dd6b80ffcf1eca6e0486eba97e7e862fc17b36cce49028ef0e02b19527fdd4b0782b9430f03056e2c3cac11cd06ce96f177cad20abc0f9ad841a3aa70d15128cc15292c99be3b4202d2eced6d93f0b3b020a17af41f9dd47d1b1ae4f47ca4968995782d206d0428242719441b9d684d6354cbef687df266c0ccaac433040a45a0343abecd645ebde75960bacab0f7be3fff0057465b529b260e88d63ed85a76a638a91e8e01618ad0bf07e197d37960300e499e4db425f17ff02d9947f0d31d7a3c2766745edfd746c5368011e367efb9addaff7283507fc9103875ea37332c13a28e1629dcd2b929be5c5a77f03666bd2e50ed5bcd47ba9704f2c88c8442b871a0f08a18352a102e866e84e0650e1d869aa5a6f11d2f8a6def341e009b1cae815ad6cddcde17b33082f180744ac26517259948596e01dc7bdfdd2e8f5beb2b2c71f21c4797bb3297c97884afe5f7466eac0e0fcfe94209a993b902d7e033f53afde4777307945ca50710ec6f0c6681084110174bd5f7426d2c5d1a998e4d293ed14b30ad83f4d4f2811910142a9ce2ebea1b5dc3f31ec72a3d5543b4a7e8e5219e0cce1115e3ebb18381f50f1ab702f5e2834d0f880cdb6accd6a7a5db94e511059da798730541166b8fe944322c01028e4be2ff0ef78cffb625f54a30af6af3f7ae7c55e68fc41c8c3570a70b1126840d73cea5ac4b05690398e5ac72e72e6d6404044015fdc9bd6019eb5e0b60f14d9956f5d5c4cbbc70e5f2163e741be236127f8a5a7563fbbcfb6fe05eab13f115358dec6fc8cd4e59c4ffbc6ecb71080639ec577fe53d85f07041078a97e70523e96e9f3130401535cff62291f11bf51d16bbfaf1bc903252085e50eac053301cee6ab2c07596953cd020736c4c576e03c1942f1a4144237f194e1a1168153e90f9a355ecad1edd16a63b99e1655359081516b51bff35219a071ac2d7a55b9905c308f0ddbefa6106cc787661a3b140a87e0fb3aa03a021027400f2351e190839ece4f6259ad9d61db13fc2ed5e77cc454d4d09574dcceee66070f0b631eeef5a044ee4d7a871a5d2a5526448f171c75f3d2c01d017272bc470f520b915d3273ca6f241c866176db9db0951dc3118db2d650fdb44a5ac0281a76603f99663c5800101e21daaf52d0bf5715a1781d737a3a35bb7b93281e6fca62f77bca5223e3657174814c7afd48ae338dd8bdd4068b6146376c46b506e9b9444e697a01ea29fb2cdad1821370e1196265eec076ed48af3ac3780d828c7282e6094be3ea16e839d09fd9d2c2dbff35c37cd760c8341a09305faeda7efb6968f2aeb7fd8bbc2050614e69e5e08eec55309f2b31baa9696ea4a8bf8720b9f7817b8d772c834b991b8854b99a1461d4d5f9eaa70723747d9851d828a2a6fdc6726c143ed7a4153a6509b00fc6604f71c3ba425989f27107d56d2600acb94333954aa617f000477a9e27a2b89dce291e89b189b0c4dfaf42cca5e9ac4ddb72dc949b44d83f8422b696957feea4c329bb8a7aca044a8f167cd2e8d57d89d7f11a93166285538a85b352761f1540447fafa958bcbfa93c38fa24a6b576e02915d34a4ce96d8fcce9df21d0a394b8027c1449dba735aa38244b50f4d18227c1cf4098176750a0008741a18d01c005e26829c17eacf603f46b7987ff489e2daa22e304453c2555d01b73b1f22472b2dbd15768cb1bcec9bddd8e8b10106932e805ae713a3f4b3065bc774f19d0af19f07487f988b1513da26387b25e79f9cddc4c5268b79a01295a0d8418ceafa3fa907767292b0b2b940d34968bd15b70031979efe26fe8bdaf4282ce38657a01f052c9affa1db0c152040bce5a996243f2a0df515f99d4db9154634d101c074259ea3c4def90ca1ac0bc48768b662bf4cb72b190c299852e223885b7c1c1364f05a3341c70b95bf29d6f00788612942088b200c7bffb644d1ddbaf026948c23cd75705b284df6aac7f1c7fbf301e85eeee792a978baa1b409ce791255b6f16ab3279918e97adb9df6d137ac2765c0894e82452328bb9f9764827d7d1ebfc8095182af2d117911ef9fa5b5c7cbae85f6b27b9c58b9cb63496cfb3e7d8ba66e1937da3ca1e11d72900c11dad6bb21292de31a562f66d03d4943c538b9d5852374cbca9db8116e58ffaca5d7516b5777c8921f6f9df59d7e309b6502d85f8d93b40509105cf20819a197858abf172e0250121a94a4a2a8795dc449e9d2656af52fc575375b54a4940dbfe06d2fc9fe945a9e856b0afba04cfa2bed6f6ae803b76f1541ae4744b05f30e2093405b24e7c2e20848d7ca6616d14bf2e4e99ea029ca32efb2d18a7848ab282ccd1e7ca753f40f184933994ec9b8aa30a1d31655b00d29b11834b51156ae65d0b363640e31ed9f82239424a4fa330c6af3c7cc39957249d968d4fb8b4878a3b38021fc77a17261be2dfe3d1e01ffadc6e33b7d4d5e7d186ea3cd0e6743ecdfcff4ff38cd8ce908544ce363367827c900495e4ef9b4d398c099cf247519f9d888a8cd129ca0f064f6de8ddfc7520be4cbe5d12609daea2f64f34e62aa75a5acc693deb99509426d295540760960cdcb7e35d0fb0b43903ef2953043d3dbd9d27fa8255085d0a920d8a4a6de6ce54b69360c8beaca4e8d3f3a60bddadac53063aff36c817fdbab790ace0ac7e433c3a251a36179c09ee8b235d2f7d1e716d82350fdb24438026cbdd2ce0330234d243d7d901a2e99ae964efa5497232919e3796679185e7c80a4d89c62a9f64f9784d19e556a24264481f243b73f04deffecd07c6a6c4ddecdb5fafbd92f93f7ef95967f63828b453add49b8c3e0821d88ad7eca46a36c9cd24c6c91993b59b9828489c6601a5ba7e4371b82e5da7a11ef5894dc7a0bd4ab0248bbbc12cc5bde6e9041ff6079b90e1d35088ee9afa471e64c054028618b0f684611e82a7fea19df0c7560ae6c9920779cbf11f474514d32608fe82ca0830e9e21c1e4548c9e46a87016260a457da2bc1c65c9b425bcc3fce015c7ab22406147d7af36333f17b1bdcfe6b4dd78655aba1cfc0a109d2b497f4d3bfbfd94d45ae5a00a5c7f1c21597df31dc1ee2408f48bfec41048834e7a642922444f8cba18de587ea5ab035127f8bba14f5c27989af372f9f280d7f4fc42a6a565dfb08e0be8278a3a1a82a61baf4bdfb566090c77a8ffa5adcc64a7dca318c2639ddf2adf3a4af593ec5c2f4bd533de209d5cf91ca9fbfd84c54e4caf68e7553c29c5288c9583ba3f170a7e7545fcc288a346456a1d4b2124900e58a3561244c1215df05a817ef4368c26cda5719413e97ca5afe98c81b4b5b639e62e06bedb695fe63a250980f00cf458abc975fc61d8477b9937e136e25bb47901b83f80f9bef31de11e932112445694ed0fcee0acfa98d22c1b4c773ca28496ea8d576a957a92970e6e9d2846514a86a78b164acc70cbf8a017ea2392a08dc3f0fd324f72c5e73eaad99dacd768b626f033c5cd5f2ecf395708a51d92df6385de17575c6b95bcdea774466c7dc7fc47bb28bfe5f749c759712df39b5d5c32ec6abcf4d39bdd67ab420fe465d273b0fd88f500e095527ecb78d97588444a2a0f86482e4f9a5738fcd979c18297602dbc9de4333986aaa74dec6d0e87c7727f1be97e6115782df4f12412201846fb5324054839ec91a744ada22b38cb36b7170f435653f05e598de9428135f8124ef00ff268b28f853c83ba8e1e5d2502d6e66f6a9a210ad8dbe41c279b809df3f5280f577049817f5937ad2cfe549cb0fcf4fb06d35bd421d45c23e194615d5f67216eb0ca99cccb44e62cb7850b5d393bc69bd4daeca533f9114e063e39ac07e62c2b09986e49757d0a65e167f503758b8e73e9ec13da950b51109b9ee05453c61f7a379be63e10490d2139629142778d6427903a75fbe0f4dd9cb356cdfef8dd795445e7af11948902709fce0da8761af7ff77ec1e2225e5df38e45632f42df04e7c377f03d09ef77fd196ccecba74183722b9e08ad99f665b3559d49598c2e1f4253798c940cbde370169cd11c5c51360fb00a860fb502e876f8cdc752e5e2214465a198a3210fcb68606eb7c337dd89c3dbe5a5007ccaf02ac4723a2186419e165e4af97e4927c21298744e7a1c1840380b3ae828d43a1b62807ad7c48d23c22c2a177686fbd9e7a0b0c6e15161316a0079cb68874362a2a2151c105fb692e9471654ad64d7e7a74ab85e8741b07bb602ee349186707699aec8475880847cc207c82b8cdc0d42ddd7d2ce8151df6d85d09078f067cb8a3e01b90d68bd894c1140cb3a685426bacec7eb39d795f9e85a06952783722d67cc8ac493c7ae5112d41e7333cba7d51f41f36408974c4d391762c938fdb6f665ad52646dc396a817160f34a78c5812266bfcc634d70f2f4f4cd5ee22b6b651e328979104d32e4397611e8f00089f64ecefa00480165ba7989329b8e8968248949f98f00c76d1493ab953a21f294d7b273fdee1a55aa698ae435cae345c40f11866e463ca75d2e9d15a809c8ed9b1435884e59534078b300ea4c6619f568c6c94b88bc8c42672864042592704f460eb1bae5b83fafe607d2509dfe0c8754af2963979b47058568112fcbb79f2cca98c13e16c7ead81138043bc8264fde8cef943151be128e46758418460dd3a15cd1c09fcf97a09b34c5135a5de9e6a04cb83b7dfaf3bced498146cab1a902c0c1ac9fe0e1aa133f40ef709fa02ad447174f88a305bbd521ddc88bf20baec87aceecb8737b0f89d71eb0f7e699f02dbf73a67500027223304b68cf6e491345923c00ee20a329471ef5a9ff307588d40e22aedc2d06de577af593aac705691a925a061b081a8f5cec81e22dcbcd4e1babcb333d0ea956c3afed6d4b7e096c63ad868fee4888d7144e6c2341fd11a8b229e9eb42bcf7da35c86ed7d61430a680a32779c37fd18ea70975e4000141e4edc05713beb3662ddce2c74b21b3b581ada46be62c4b8d1ee02ea747ec15af7f6621ba0d3977671e746721e47527fe6a9db84d4a8e0e3c5e2c28a4598b2520e3c45c1692fceac02158a6979ef3a7ccc333bceeca33af2880db3109513ca6f994f31a27c81639cc651f9c4787bc901c22e3a107ec7d652131a3ea3fd4a1e8fc133dcef6868f988f0be614afb2720cf24d97b302df52627eb6109d90e9ee6fd79b8b7db4137cb7cded66c10307d64018a8c58e8c74a3fb644768cb3fc92421f499f9f601c061f12f616c955603538dbe17c7e02cee9afcdb0ca433a1e26219ddeb98ce12a5c278c298254732a69952e502a83b1f37b93dbc40dc9a82e76008afbf30e8c8b1c2bc0fd155151e098f963c63d681970a86bba18082874b512f577e99c772b37d6d9a92c9c53d5c455d951f786c0135ef9587d1ba5eed1b21cec18e175f067e169516cac9a09350095db1b890330a6bc74de2a300d03fae69ee90a5d94a886b172eca4b708660991a80085e98c1bdb3e8072d00b73e30d54cc385b76b0070919b1dcf2433bfe95fc3ede7f6d0b59aa0b6265f3030a61adac30dcff6d8ede46b3d5d4d553aa35a1ed7b49f19d95b4c2a53f45e61e12ca6b174a7776becf0dcde1518a8b739694694cabb2fcfbc13c7e2ba34dc00b9388a464ee9ed7decd73b87a2ee9d6ffe3def9c7150ab2c237ed5cf00c665a20ab61bf031d60fdbba11cbe9fb65bf1c14bad12d2daf6671ca518aefe4badd4c6cbed6f74bd45ce4570ea2b5d4182f12643070f497cf38c4e1464e02a2c6f672a61732619e436e3dd1a155ed78ac8d620683"})

[ 1350.240105][T25298] FAULT_INJECTION: forcing a failure.
[ 1350.240105][T25298] name failslab, interval 1, probability 0, space 0, times 0
[ 1350.254187][T25298] CPU: 0 PID: 25298 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1350.265914][T25298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1350.275968][T25298] Call Trace:
[ 1350.279261][T25298]  dump_stack_lvl+0x1e2/0x24b
[ 1350.283913][T25298]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1350.289350][T25298]  ? __se_sys_ioctl+0x115/0x190
[ 1350.294220][T25298]  dump_stack+0x15/0x17
[ 1350.298358][T25298]  should_fail+0x3c0/0x510
[ 1350.302745][T25298]  __should_failslab+0x9f/0xe0
[ 1350.307486][T25298]  should_failslab+0x9/0x20
[ 1350.311978][T25298]  kmem_cache_alloc+0x3f/0x300
[ 1350.316714][T25298]  ? __d_alloc+0x2d/0x6b0
[ 1350.321014][T25298]  ? __reset_page_owner+0x35/0x160
[ 1350.326095][T25298]  __d_alloc+0x2d/0x6b0
[ 1350.330309][T25298]  ? __reset_page_owner+0x160/0x160
[ 1350.335481][T25298]  ? avc_has_perm_noaudit+0x358/0x4c0
[ 1350.340830][T25298]  d_alloc_parallel+0xe6/0x1330
[ 1350.345654][T25298]  ? avc_has_perm_noaudit+0x2ed/0x4c0
[ 1350.350996][T25298]  ? avc_denied+0x1b0/0x1b0
[ 1350.355477][T25298]  ? __reset_page_owner+0xa0/0x160
[ 1350.360566][T25298]  ? d_hash_and_lookup+0x200/0x200
[ 1350.365656][T25298]  ? selinux_inode_permission+0x439/0x670
[ 1350.371354][T25298]  ? selinux_inode_follow_link+0x3c0/0x3c0
[ 1350.377129][T25298]  __lookup_slow+0x14e/0x400
[ 1350.381692][T25298]  ? __d_lookup+0x4da/0x530
[ 1350.386172][T25298]  ? lookup_one_len+0x6a0/0x6a0
[ 1350.390997][T25298]  lookup_one_len+0x43d/0x6a0
[ 1350.395648][T25298]  ? try_lookup_one_len+0x660/0x660
[ 1350.400816][T25298]  start_creating+0x166/0x320
[ 1350.405471][T25298]  __debugfs_create_file+0x75/0x4a0
[ 1350.410719][T25298]  ? up_write+0x19/0xd0
[ 1350.414859][T25298]  debugfs_create_file+0x4a/0x60
[ 1350.419773][T25298]  bdi_register_va+0x2ab/0x600
[ 1350.424521][T25298]  bdi_register+0xd1/0x120
[ 1350.428918][T25298]  ? __device_add_disk+0x536/0x11d0
[ 1350.434091][T25298]  ? bdi_register_va+0x600/0x600
[ 1350.438999][T25298]  ? vsnprintf+0x1bfd/0x1cd0
[ 1350.443614][T25298]  ? __kasan_check_read+0x11/0x20
[ 1350.448622][T25298]  ? blk_alloc_devt+0xd4/0x320
[ 1350.453362][T25298]  __device_add_disk+0x5cb/0x11d0
[ 1350.458375][T25298]  ? device_add_disk+0x40/0x40
[ 1350.463121][T25298]  ? loop_add+0x380/0x760
[ 1350.467445][T25298]  ? vsprintf+0x40/0x40
[ 1350.471581][T25298]  device_add_disk+0x2a/0x40
[ 1350.476143][T25298]  loop_add+0x58f/0x760
[ 1350.480271][T25298]  loop_control_ioctl+0x564/0x740
[ 1350.485266][T25298]  ? loop_remove+0xb0/0xb0
[ 1350.489657][T25298]  ? __fget_files+0x310/0x370
[ 1350.494318][T25298]  ? security_file_ioctl+0xb1/0xd0
[ 1350.499402][T25298]  ? loop_remove+0xb0/0xb0
[ 1350.503788][T25298]  __se_sys_ioctl+0x115/0x190
[ 1350.508466][T25298]  __x64_sys_ioctl+0x7b/0x90
[ 1350.513053][T25298]  do_syscall_64+0x34/0x70
[ 1350.517448][T25298]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1350.523310][T25298] RIP: 0033:0x7f77b238e0d9
[ 1350.527724][T25298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1350.547309][T25298] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1350.555716][T25298] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1350.563770][T25298] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1350.571715][T25298] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1350.579660][T25298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1350.587607][T25298] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1350.611020][   T23] kauditd_printk_skb: 17 callbacks suppressed
[ 1350.611032][   T23] audit: type=1326 audit(1669991600.049:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25285 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:33:20 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080))

14:33:20 executing program 0:
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)

14:33:20 executing program 2:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
getsockopt$MRT(r0, 0x0, 0xce, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)

14:33:20 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x649, 0x41, 0x5, 0x7f}, {0xd86e, 0x4, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000100)={0x0, 0x1, r0, 0x100, 0x80000})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf253d0000000e0001006e657464657673696d0000000f0002006e657464657673696d9b962974863000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e457464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740008000100706369001100020030303056f5cb84303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469"], 0x100}, 0x1, 0x0, 0x0, 0x20000001}, 0x8008050)

14:33:20 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1b00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:20 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 68)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

[ 1350.830667][   T23] audit: type=1326 audit(1669991600.279:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25318 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1350.832654][T25324] FAULT_INJECTION: forcing a failure.
[ 1350.832654][T25324] name failslab, interval 1, probability 0, space 0, times 0
14:33:20 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1c00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:20 executing program 0:
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005) (async)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)

[ 1350.874613][   T23] audit: type=1326 audit(1669991600.279:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25320 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
[ 1350.905532][   T23] audit: type=1326 audit(1669991600.349:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25318 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1350.929345][T25324] CPU: 1 PID: 25324 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1350.941067][T25324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1350.951383][T25324] Call Trace:
[ 1350.954676][T25324]  dump_stack_lvl+0x1e2/0x24b
[ 1350.959352][T25324]  ? panic+0x7d7/0x7d7
[ 1350.963423][T25324]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1350.969486][T25324]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1350.974939][T25324]  dump_stack+0x15/0x17
[ 1350.979091][T25324]  should_fail+0x3c0/0x510
[ 1350.983503][T25324]  __should_failslab+0x9f/0xe0
[ 1350.988264][T25324]  should_failslab+0x9/0x20
[ 1350.992852][T25324]  kmem_cache_alloc+0x3f/0x300
[ 1350.997615][T25324]  ? security_inode_alloc+0x29/0x140
[ 1351.002895][T25324]  security_inode_alloc+0x29/0x140
[ 1351.008003][T25324]  inode_init_always+0x710/0x970
[ 1351.012939][T25324]  new_inode_pseudo+0x93/0x220
[ 1351.017792][T25324]  new_inode+0x28/0x1c0
[ 1351.021948][T25324]  ? start_creating+0x206/0x320
[ 1351.026798][T25324]  __debugfs_create_file+0x143/0x4a0
[ 1351.032075][T25324]  ? up_write+0x19/0xd0
[ 1351.036226][T25324]  debugfs_create_file+0x4a/0x60
[ 1351.041154][T25324]  bdi_register_va+0x2ab/0x600
[ 1351.045909][T25324]  bdi_register+0xd1/0x120
[ 1351.050422][T25324]  ? __device_add_disk+0x536/0x11d0
[ 1351.055614][T25324]  ? bdi_register_va+0x600/0x600
[ 1351.060543][T25324]  ? vsnprintf+0x1bfd/0x1cd0
[ 1351.065129][T25324]  ? __kasan_check_read+0x11/0x20
[ 1351.070145][T25324]  ? blk_alloc_devt+0xd4/0x320
[ 1351.074903][T25324]  __device_add_disk+0x5cb/0x11d0
[ 1351.079923][T25324]  ? device_add_disk+0x40/0x40
[ 1351.084679][T25324]  ? loop_add+0x380/0x760
[ 1351.089001][T25324]  ? vsprintf+0x40/0x40
[ 1351.093154][T25324]  device_add_disk+0x2a/0x40
[ 1351.097743][T25324]  loop_add+0x58f/0x760
[ 1351.101896][T25324]  loop_control_ioctl+0x564/0x740
[ 1351.106917][T25324]  ? loop_remove+0xb0/0xb0
[ 1351.111413][T25324]  ? __fget_files+0x310/0x370
[ 1351.116088][T25324]  ? security_file_ioctl+0xb1/0xd0
[ 1351.121196][T25324]  ? loop_remove+0xb0/0xb0
[ 1351.125607][T25324]  __se_sys_ioctl+0x115/0x190
[ 1351.130278][T25324]  __x64_sys_ioctl+0x7b/0x90
[ 1351.134866][T25324]  do_syscall_64+0x34/0x70
[ 1351.139280][T25324]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1351.145162][T25324] RIP: 0033:0x7f77b238e0d9
[ 1351.149571][T25324] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1351.169172][T25324] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
14:33:20 executing program 0:
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005) (async, rerun: 64)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (rerun: 64)

14:33:20 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1d00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:20 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x54b1e95c1aa90be}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00000000000000000000000000f6d2f3f1f89dcc8f86a0749d"], 0x14}, 0x1, 0x0, 0x0, 0x240400c3}, 0x84)

14:33:20 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)) (async)

[ 1351.177595][T25324] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1351.185565][T25324] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1351.193530][T25324] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1351.201496][T25324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1351.209463][T25324] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1351.224803][T25324] debugfs: out of free dentries, can not create file 'stats'
14:33:20 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x54b1e95c1aa90be}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00000000000000000000000000f6d2f3f1f89dcc8f86a0749d"], 0x14}, 0x1, 0x0, 0x0, 0x240400c3}, 0x84)

14:33:20 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1e00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:21 executing program 2:
r0 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)}, 0x30)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000100)={'erspan0\x00', <r1=>0x0, 0x40, 0x20, 0x6, 0x6, {{0x27, 0x4, 0x1, 0x30, 0x9c, 0x67, 0x0, 0x0, 0x2b, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@ssrr={0x89, 0x1b, 0xd9, [@broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x30}, @rand_addr=0x64010102, @rand_addr=0x64010101, @private=0xa010100]}, @noop, @end, @timestamp={0x44, 0x20, 0x44, 0x0, 0x2, [0x1, 0xff, 0x98e, 0x8001, 0x8, 0x5, 0x9]}, @cipso={0x86, 0x49, 0xffffffffffffffff, [{0x1, 0xe, "fd4c8b49bc6ad9dd22813009"}, {0x6, 0xa, "4f23b2259d654054"}, {0x7, 0xf, "124deecd7aa7f5a6e572207bc4"}, {0x6, 0xe, "0bbdba48b91e5bf2e83ad5fb"}, {0x7, 0xe, "3833e22beddef3543446a568"}]}, @end]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9e}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x401}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20044000)

14:33:21 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 69)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:21 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080))

14:33:21 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x1f00000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:21 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x54b1e95c1aa90be}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00000000000000000000000000f6d2f3f1f89dcc8f86a0749d"], 0x14}, 0x1, 0x0, 0x0, 0x240400c3}, 0x84)

14:33:21 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x649, 0x41, 0x5, 0x7f}, {0xd86e, 0x4, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000100)={0x0, 0x1, r0, 0x100, 0x80000}) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf253d0000000e0001006e657464657673696d0000000f0002006e657464657673696d9b962974863000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e457464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740008000100706369001100020030303056f5cb84303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469"], 0x100}, 0x1, 0x0, 0x0, 0x20000001}, 0x8008050)

14:33:21 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1351.680845][T25360] FAULT_INJECTION: forcing a failure.
[ 1351.680845][T25360] name failslab, interval 1, probability 0, space 0, times 0
[ 1351.699749][   T23] audit: type=1326 audit(1669991601.149:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25365 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f75e63b40d9 code=0x0
[ 1351.702420][T25360] CPU: 0 PID: 25360 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1351.735093][T25360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1351.745254][T25360] Call Trace:
[ 1351.748542][T25360]  dump_stack_lvl+0x1e2/0x24b
[ 1351.753198][T25360]  ? panic+0x7d7/0x7d7
[ 1351.757250][T25360]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1351.763295][T25360]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1351.768728][T25360]  dump_stack+0x15/0x17
[ 1351.772859][T25360]  should_fail+0x3c0/0x510
[ 1351.777253][T25360]  __should_failslab+0x9f/0xe0
[ 1351.781993][T25360]  should_failslab+0x9/0x20
[ 1351.786479][T25360]  kmem_cache_alloc+0x3f/0x300
[ 1351.791222][T25360]  ? security_inode_alloc+0x29/0x140
[ 1351.796505][T25360]  security_inode_alloc+0x29/0x140
[ 1351.801599][T25360]  inode_init_always+0x710/0x970
[ 1351.806516][T25360]  new_inode_pseudo+0x93/0x220
[ 1351.811258][T25360]  new_inode+0x28/0x1c0
[ 1351.815393][T25360]  ? start_creating+0x206/0x320
[ 1351.820224][T25360]  __debugfs_create_file+0x143/0x4a0
[ 1351.825507][T25360]  ? up_write+0x19/0xd0
[ 1351.829640][T25360]  debugfs_create_file+0x4a/0x60
[ 1351.834553][T25360]  bdi_register_va+0x2ab/0x600
[ 1351.839292][T25360]  bdi_register+0xd1/0x120
[ 1351.843686][T25360]  ? __device_add_disk+0x536/0x11d0
[ 1351.848860][T25360]  ? bdi_register_va+0x600/0x600
[ 1351.853777][T25360]  ? vsnprintf+0x1bfd/0x1cd0
[ 1351.858349][T25360]  ? __kasan_check_read+0x11/0x20
[ 1351.863349][T25360]  ? blk_alloc_devt+0xd4/0x320
[ 1351.868089][T25360]  __device_add_disk+0x5cb/0x11d0
[ 1351.873110][T25360]  ? device_add_disk+0x40/0x40
[ 1351.877849][T25360]  ? loop_add+0x380/0x760
[ 1351.882155][T25360]  ? vsprintf+0x40/0x40
[ 1351.886287][T25360]  device_add_disk+0x2a/0x40
[ 1351.890854][T25360]  loop_add+0x58f/0x760
[ 1351.895005][T25360]  loop_control_ioctl+0x564/0x740
[ 1351.900004][T25360]  ? loop_remove+0xb0/0xb0
[ 1351.904398][T25360]  ? __fget_files+0x310/0x370
[ 1351.909053][T25360]  ? security_file_ioctl+0xb1/0xd0
[ 1351.914141][T25360]  ? loop_remove+0xb0/0xb0
[ 1351.918543][T25360]  __se_sys_ioctl+0x115/0x190
[ 1351.923200][T25360]  __x64_sys_ioctl+0x7b/0x90
[ 1351.927775][T25360]  do_syscall_64+0x34/0x70
[ 1351.932170][T25360]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1351.938057][T25360] RIP: 0033:0x7f77b238e0d9
[ 1351.942454][T25360] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1351.962037][T25360] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1351.970427][T25360] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
14:33:21 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{0x2, 0x8c, 0x20, 0x7}, {0x2, 0x0, 0x7f, 0x5}, {0x0, 0x7, 0x0, 0x5}, {0x7, 0x0, 0x6, 0x10001}, {0x2, 0x3, 0x8}, {0x68, 0xff, 0xd3, 0xd082}, {0xfe00, 0x8, 0x0, 0x6}, {0x1f, 0x5, 0x1, 0xfffffff7}]})

[ 1351.978376][T25360] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1351.986324][T25360] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1351.994275][T25360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1352.002224][T25360] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1352.010802][T25360] debugfs: out of free dentries, can not create file 'stats'
14:33:21 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x7, 0x10, 0x9, 0x80000000, {{0xf, 0x4, 0x2, 0x1, 0x3c, 0x67, 0x0, 0x3, 0x4, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x1f, 0x3e, [@local, @local, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x1b}, @private=0xa010100, @loopback]}, @ssrr={0x89, 0x7, 0x52, [@remote]}]}}}}})

14:33:21 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async, rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x7, 0x10, 0x9, 0x80000000, {{0xf, 0x4, 0x2, 0x1, 0x3c, 0x67, 0x0, 0x3, 0x4, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x1f, 0x3e, [@local, @local, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x1b}, @private=0xa010100, @loopback]}, @ssrr={0x89, 0x7, 0x52, [@remote]}]}}}}}) (rerun: 64)

[ 1352.018679][   T23] audit: type=1326 audit(1669991601.469:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0223ab70d9 code=0x0
14:33:21 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2100000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:21 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x7, 0x10, 0x9, 0x80000000, {{0xf, 0x4, 0x2, 0x1, 0x3c, 0x67, 0x0, 0x3, 0x4, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x1f, 0x3e, [@local, @local, @dev={0xac, 0x14, 0x14, 0x3a}, @loopback, @dev={0xac, 0x14, 0x14, 0x1b}, @private=0xa010100, @loopback]}, @ssrr={0x89, 0x7, 0x52, [@remote]}]}}}}})

[ 1352.059964][   T23] audit: type=1326 audit(1669991601.499:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25377 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1352.105227][   T23] audit: type=1326 audit(1669991601.549:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25377 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
14:33:21 executing program 2:
r0 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)}, 0x30)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000100)={'erspan0\x00', <r1=>0x0, 0x40, 0x20, 0x6, 0x6, {{0x27, 0x4, 0x1, 0x30, 0x9c, 0x67, 0x0, 0x0, 0x2b, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@ssrr={0x89, 0x1b, 0xd9, [@broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x30}, @rand_addr=0x64010102, @rand_addr=0x64010101, @private=0xa010100]}, @noop, @end, @timestamp={0x44, 0x20, 0x44, 0x0, 0x2, [0x1, 0xff, 0x98e, 0x8001, 0x8, 0x5, 0x9]}, @cipso={0x86, 0x49, 0xffffffffffffffff, [{0x1, 0xe, "fd4c8b49bc6ad9dd22813009"}, {0x6, 0xa, "4f23b2259d654054"}, {0x7, 0xf, "124deecd7aa7f5a6e572207bc4"}, {0x6, 0xe, "0bbdba48b91e5bf2e83ad5fb"}, {0x7, 0xe, "3833e22beddef3543446a568"}]}, @end]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9e}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x401}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20044000)
getpid() (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)}, 0x30) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000100)={'erspan0\x00', 0x0, 0x40, 0x20, 0x6, 0x6, {{0x27, 0x4, 0x1, 0x30, 0x9c, 0x67, 0x0, 0x0, 0x2b, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@ssrr={0x89, 0x1b, 0xd9, [@broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x30}, @rand_addr=0x64010102, @rand_addr=0x64010101, @private=0xa010100]}, @noop, @end, @timestamp={0x44, 0x20, 0x44, 0x0, 0x2, [0x1, 0xff, 0x98e, 0x8001, 0x8, 0x5, 0x9]}, @cipso={0x86, 0x49, 0xffffffffffffffff, [{0x1, 0xe, "fd4c8b49bc6ad9dd22813009"}, {0x6, 0xa, "4f23b2259d654054"}, {0x7, 0xf, "124deecd7aa7f5a6e572207bc4"}, {0x6, 0xe, "0bbdba48b91e5bf2e83ad5fb"}, {0x7, 0xe, "3833e22beddef3543446a568"}]}, @end]}}}}}) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14) (async)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9e}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x401}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20044000) (async)

14:33:21 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 70)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:21 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x5}, 0x8)

14:33:21 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2200000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:21 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{0x2, 0x8c, 0x20, 0x7}, {0x2, 0x0, 0x7f, 0x5}, {0x0, 0x7, 0x0, 0x5}, {0x7, 0x0, 0x6, 0x10001}, {0x2, 0x3, 0x8}, {0x68, 0xff, 0xd3, 0xd082}, {0xfe00, 0x8, 0x0, 0x6}, {0x1f, 0x5, 0x1, 0xfffffff7}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{0x2, 0x8c, 0x20, 0x7}, {0x2, 0x0, 0x7f, 0x5}, {0x0, 0x7, 0x0, 0x5}, {0x7, 0x0, 0x6, 0x10001}, {0x2, 0x3, 0x8}, {0x68, 0xff, 0xd3, 0xd082}, {0xfe00, 0x8, 0x0, 0x6}, {0x1f, 0x5, 0x1, 0xfffffff7}]}) (async)

[ 1352.547711][T25390] FAULT_INJECTION: forcing a failure.
[ 1352.547711][T25390] name failslab, interval 1, probability 0, space 0, times 0
[ 1352.560804][T25390] CPU: 0 PID: 25390 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1352.572554][T25390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1352.582592][T25390] Call Trace:
[ 1352.585865][T25390]  dump_stack_lvl+0x1e2/0x24b
[ 1352.590540][T25390]  ? panic+0x7d7/0x7d7
[ 1352.594588][T25390]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1352.600025][T25390]  ? _raw_spin_lock_bh+0xa3/0x1b0
[ 1352.605026][T25390]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 1352.610204][T25390]  dump_stack+0x15/0x17
[ 1352.614338][T25390]  should_fail+0x3c0/0x510
[ 1352.618731][T25390]  ? kobj_map+0x72/0x6f0
[ 1352.622950][T25390]  __should_failslab+0x9f/0xe0
[ 1352.627692][T25390]  should_failslab+0x9/0x20
[ 1352.632182][T25390]  __kmalloc+0x60/0x360
[ 1352.636318][T25390]  ? __device_add_disk+0x536/0x11d0
[ 1352.641494][T25390]  kobj_map+0x72/0x6f0
[ 1352.645541][T25390]  ? exact_match+0x20/0x20
[ 1352.649937][T25390]  ? bdev_check_media_change+0x4c0/0x4c0
[ 1352.655544][T25390]  __device_add_disk+0x663/0x11d0
[ 1352.660544][T25390]  ? device_add_disk+0x40/0x40
[ 1352.665285][T25390]  ? loop_add+0x380/0x760
[ 1352.669594][T25390]  ? vsprintf+0x40/0x40
[ 1352.673729][T25390]  device_add_disk+0x2a/0x40
[ 1352.678295][T25390]  loop_add+0x58f/0x760
[ 1352.682428][T25390]  loop_control_ioctl+0x564/0x740
[ 1352.687431][T25390]  ? loop_remove+0xb0/0xb0
[ 1352.691826][T25390]  ? __fget_files+0x310/0x370
[ 1352.696499][T25390]  ? security_file_ioctl+0xb1/0xd0
[ 1352.701598][T25390]  ? loop_remove+0xb0/0xb0
[ 1352.705997][T25390]  __se_sys_ioctl+0x115/0x190
[ 1352.710656][T25390]  __x64_sys_ioctl+0x7b/0x90
[ 1352.715238][T25390]  do_syscall_64+0x34/0x70
[ 1352.719634][T25390]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1352.725505][T25390] RIP: 0033:0x7f77b238e0d9
14:33:22 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x649, 0x41, 0x5, 0x7f}, {0xd86e, 0x4, 0x5, 0x3}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000100)={0x0, 0x1, r0, 0x100, 0x80000})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000429bd7000fddbdf253d0000000e0001006e657464657673696d0000000f0002006e657464657673696d9b962974863000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e457464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740008000100706369001100020030303056f5cb84303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469"], 0x100}, 0x1, 0x0, 0x0, 0x20000001}, 0x8008050)

14:33:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x2300000000000000, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

14:33:22 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x5}, 0x8)

[ 1352.729925][T25390] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1352.749506][T25390] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1352.757901][T25390] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1352.765854][T25390] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1352.773803][T25390] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1352.781771][T25390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1352.789723][T25390] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
14:33:22 executing program 0:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x5}, 0x8)

14:33:22 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = syz_open_dev$vcsu(&(0x7f00000003c0), 0x7fff, 0x3a5100)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x8, 0x7800, 0xfffffffc, 0x7, {{0x10, 0x4, 0x2, 0x0, 0x40, 0x65, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x17, 0xf8, [@private=0xa010100, @empty, @remote, @remote, @broadcast]}, @cipso={0x86, 0x10, 0x0, [{0x7, 0xa, "6906870b6e46a1eb"}]}]}}}}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0x1b, &(0x7f0000000140)={&(0x7f0000000040)={0xc4, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x2880}, 0x4010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="10002abd7000be34bab2b381c5a5ad00080f06003fffffe1080005000100800000000380050008000500000006000400daaf004008000600"/66], 0x48}, 0x1, 0x0, 0x0, 0x14}, 0x4011)

14:33:22 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = syz_open_dev$vcsu(&(0x7f00000003c0), 0x7fff, 0x3a5100)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x8, 0x7800, 0xfffffffc, 0x7, {{0x10, 0x4, 0x2, 0x0, 0x40, 0x65, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x17, 0xf8, [@private=0xa010100, @empty, @remote, @remote, @broadcast]}, @cipso={0x86, 0x10, 0x0, [{0x7, 0xa, "6906870b6e46a1eb"}]}]}}}}})
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0x1b, &(0x7f0000000140)={&(0x7f0000000040)={0xc4, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x2880}, 0x4010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="10002abd7000be34bab2b381c5a5ad00080f06003fffffe1080005000100800000000380050008000500000006000400daaf004008000600"/66], 0x48}, 0x1, 0x0, 0x0, 0x14}, 0x4011)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
syz_open_dev$vcsu(&(0x7f00000003c0), 0x7fff, 0x3a5100) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x8, 0x7800, 0xfffffffc, 0x7, {{0x10, 0x4, 0x2, 0x0, 0x40, 0x65, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x17, 0xf8, [@private=0xa010100, @empty, @remote, @remote, @broadcast]}, @cipso={0x86, 0x10, 0x0, [{0x7, 0xa, "6906870b6e46a1eb"}]}]}}}}}) (async)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0x1b, &(0x7f0000000140)={&(0x7f0000000040)={0xc4, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x2880}, 0x4010) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff) (async)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="10002abd7000be34bab2b381c5a5ad00080f06003fffffe1080005000100800000000380050008000500000006000400daaf004008000600"/66], 0x48}, 0x1, 0x0, 0x0, 0x14}, 0x4011) (async)

14:33:22 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
r0 = syz_open_dev$vcsu(&(0x7f00000003c0), 0x7fff, 0x3a5100)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x8, 0x7800, 0xfffffffc, 0x7, {{0x10, 0x4, 0x2, 0x0, 0x40, 0x65, 0x0, 0x5, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0x17, 0xf8, [@private=0xa010100, @empty, @remote, @remote, @broadcast]}, @cipso={0x86, 0x10, 0x0, [{0x7, 0xa, "6906870b6e46a1eb"}]}]}}}}}) (async, rerun: 64)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0x1b, &(0x7f0000000140)={&(0x7f0000000040)={0xc4, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}]}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0xc4}, 0x1, 0x0, 0x0, 0x2880}, 0x4010) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="10002abd7000be34bab2b381c5a5ad00080f06003fffffe1080005000100800000000380050008000500000006000400daaf004008000600"/66], 0x48}, 0x1, 0x0, 0x0, 0x14}, 0x4011)

[ 1352.802414][   T23] audit: type=1326 audit(1669991602.249:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25393 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57d0ccb0d9 code=0x0
[ 1352.828666][   T23] audit: type=1326 audit(1669991602.249:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25393 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f57d0c79bf6 code=0x0
14:33:22 executing program 2:
r0 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)}, 0x30) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000100)={'erspan0\x00', <r1=>0x0, 0x40, 0x20, 0x6, 0x6, {{0x27, 0x4, 0x1, 0x30, 0x9c, 0x67, 0x0, 0x0, 0x2b, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@ssrr={0x89, 0x1b, 0xd9, [@broadcast, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x30}, @rand_addr=0x64010102, @rand_addr=0x64010101, @private=0xa010100]}, @noop, @end, @timestamp={0x44, 0x20, 0x44, 0x0, 0x2, [0x1, 0xff, 0x98e, 0x8001, 0x8, 0x5, 0x9]}, @cipso={0x86, 0x49, 0xffffffffffffffff, [{0x1, 0xe, "fd4c8b49bc6ad9dd22813009"}, {0x6, 0xa, "4f23b2259d654054"}, {0x7, 0xf, "124deecd7aa7f5a6e572207bc4"}, {0x6, 0xe, "0bbdba48b91e5bf2e83ad5fb"}, {0x7, 0xe, "3833e22beddef3543446a568"}]}, @end]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000240)=0x14)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, 0x0, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x9e}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x401}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20044000)

14:33:22 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 71)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:22 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x6, 0x0, 0x8}, 0x48)

14:33:22 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xc4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x83e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf59}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa1e8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x20000040}, 0x8c1)

[ 1352.912857][T25429] FAULT_INJECTION: forcing a failure.
[ 1352.912857][T25429] name failslab, interval 1, probability 0, space 0, times 0
[ 1352.931934][T25429] CPU: 1 PID: 25429 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1352.943661][T25429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1352.953706][T25429] Call Trace:
[ 1352.956978][T25429]  dump_stack_lvl+0x1e2/0x24b
[ 1352.961635][T25429]  ? panic+0x7d7/0x7d7
[ 1352.965681][T25429]  ? bfq_pos_tree_add_move+0x43e/0x43e
[ 1352.971119][T25429]  ? __kasan_kmalloc+0x9/0x10
[ 1352.975773][T25429]  ? kobj_map+0x72/0x6f0
[ 1352.979993][T25429]  ? __device_add_disk+0x663/0x11d0
[ 1352.985166][T25429]  ? device_add_disk+0x2a/0x40
[ 1352.989912][T25429]  ? loop_control_ioctl+0x564/0x740
[ 1352.995086][T25429]  ? __se_sys_ioctl+0x115/0x190
[ 1352.999911][T25429]  ? __x64_sys_ioctl+0x7b/0x90
[ 1353.004654][T25429]  dump_stack+0x15/0x17
[ 1353.008788][T25429]  should_fail+0x3c0/0x510
[ 1353.013192][T25429]  ? kvasprintf_const+0x139/0x180
[ 1353.018213][T25429]  __should_failslab+0x9f/0xe0
[ 1353.022973][T25429]  should_failslab+0x9/0x20
[ 1353.027466][T25429]  __kmalloc_track_caller+0x5f/0x350
[ 1353.032738][T25429]  kstrdup_const+0x55/0x90
[ 1353.037146][T25429]  kvasprintf_const+0x139/0x180
[ 1353.041980][T25429]  kobject_set_name_vargs+0x61/0x120
[ 1353.047244][T25429]  dev_set_name+0xd1/0x120
[ 1353.051649][T25429]  ? __kmalloc+0x1f7/0x360
[ 1353.056051][T25429]  ? get_device+0x30/0x30
[ 1353.060374][T25429]  ? kobj_map+0x6ad/0x6f0
[ 1353.064693][T25429]  __device_add_disk+0x6e5/0x11d0
[ 1353.069713][T25429]  ? device_add_disk+0x40/0x40
[ 1353.074464][T25429]  ? vsprintf+0x40/0x40
[ 1353.078615][T25429]  device_add_disk+0x2a/0x40
[ 1353.083198][T25429]  loop_add+0x58f/0x760
[ 1353.087345][T25429]  loop_control_ioctl+0x564/0x740
[ 1353.092354][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.096756][T25429]  ? __fget_files+0x310/0x370
[ 1353.101413][T25429]  ? security_file_ioctl+0xb1/0xd0
[ 1353.106501][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.110896][T25429]  __se_sys_ioctl+0x115/0x190
[ 1353.115558][T25429]  __x64_sys_ioctl+0x7b/0x90
[ 1353.120127][T25429]  do_syscall_64+0x34/0x70
[ 1353.124521][T25429]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1353.130391][T25429] RIP: 0033:0x7f77b238e0d9
[ 1353.134784][T25429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1353.154367][T25429] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1353.162769][T25429] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1353.170804][T25429] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1353.178788][T25429] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1353.186737][T25429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1353.194684][T25429] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1353.203002][T25429] kobject_add_internal failed for queue (error: -2 parent: (null))
[ 1353.211239][T25429] ------------[ cut here ]------------
[ 1353.219329][T25429] WARNING: CPU: 0 PID: 25429 at fs/sysfs/file.c:328 sysfs_create_files+0x215/0x4a0
[ 1353.228831][T25429] Modules linked in:
[ 1353.232906][T25429] CPU: 0 PID: 25429 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1353.244843][T25429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1353.255057][T25429] RIP: 0010:sysfs_create_files+0x215/0x4a0
[ 1353.261024][T25429] Code: 24 04 48 b9 00 00 00 00 00 fc ff df 48 8b 54 24 08 4c 8b 74 24 20 eb 2b 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 e8 eb 85 9a ff <0f> 0b c7 44 24 04 ea ff ff ff 48 b9 00 00 00 00 00 fc ff df 48 8b
[ 1353.280817][T25429] RSP: 0018:ffffc90000c17ae0 EFLAGS: 00010283
[ 1353.287498][T25429] RAX: ffffffff81d25e51 RBX: ffff88810d39b098 RCX: 0000000000040000
[ 1353.302663][T25429] RDX: ffffc90001b10000 RSI: 0000000000027bc6 RDI: 0000000000027bc7
[ 1353.310795][T25429] RBP: ffffc90000c17bb0 R08: ffffffff826c3cd8 R09: ffffed10214469de
[ 1353.318893][T25429] R10: ffffed10214469de R11: 1ffff110214469dd R12: 0000000000000000
[ 1353.326973][T25429] R13: ffffffff854330e0 R14: ffff88810d39b068 R15: ffffffff8653ab20
[ 1353.335022][T25429] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1353.344056][T25429] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1353.350838][T25429] CR2: 00007f77b10bdcc0 CR3: 000000010d53c000 CR4: 00000000003506b0
[ 1353.358986][T25429] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1353.367105][T25429] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1353.375145][T25429] Call Trace:
[ 1353.378533][T25429]  ? sysfs_create_file_ns+0x2a0/0x2a0
[ 1353.383981][T25429]  ? __kasan_check_write+0x14/0x20
[ 1353.389193][T25429]  ? kobject_get+0xd2/0x120
[ 1353.393765][T25429]  __device_add_disk+0x9cb/0x11d0
[ 1353.398869][T25429]  ? device_add_disk+0x40/0x40
[ 1353.403691][T25429]  ? vsprintf+0x40/0x40
[ 1353.407944][T25429]  device_add_disk+0x2a/0x40
[ 1353.412597][T25429]  loop_add+0x58f/0x760
[ 1353.416830][T25429]  loop_control_ioctl+0x564/0x740
[ 1353.421910][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.426394][T25429]  ? __fget_files+0x310/0x370
[ 1353.431223][T25429]  ? security_file_ioctl+0xb1/0xd0
[ 1353.436728][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.441205][T25429]  __se_sys_ioctl+0x115/0x190
[ 1353.445964][T25429]  __x64_sys_ioctl+0x7b/0x90
[ 1353.454816][T25429]  do_syscall_64+0x34/0x70
[ 1353.459328][T25429]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
14:33:22 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{0x2, 0x8c, 0x20, 0x7}, {0x2, 0x0, 0x7f, 0x5}, {0x0, 0x7, 0x0, 0x5}, {0x7, 0x0, 0x6, 0x10001}, {0x2, 0x3, 0x8}, {0x68, 0xff, 0xd3, 0xd082}, {0xfe00, 0x8, 0x0, 0x6}, {0x1f, 0x5, 0x1, 0xfffffff7}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{0x2, 0x8c, 0x20, 0x7}, {0x2, 0x0, 0x7f, 0x5}, {0x0, 0x7, 0x0, 0x5}, {0x7, 0x0, 0x6, 0x10001}, {0x2, 0x3, 0x8}, {0x68, 0xff, 0xd3, 0xd082}, {0xfe00, 0x8, 0x0, 0x6}, {0x1f, 0x5, 0x1, 0xfffffff7}]}) (async)

[ 1353.465379][T25429] RIP: 0033:0x7f77b238e0d9
[ 1353.470233][T25429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1353.490473][T25429] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1353.499471][T25429] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1353.508022][T25429] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1353.516243][T25429] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1353.524267][T25429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1353.532645][T25429] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1353.540789][T25429] ---[ end trace 36e3028cd67c66de ]---
[ 1353.546366][T25429] ------------[ cut here ]------------
[ 1353.551940][T25429] kernfs: can not remove 'events', no directory
[ 1353.558639][T25429] WARNING: CPU: 0 PID: 25429 at fs/kernfs/dir.c:1515 kernfs_remove_by_name_ns+0xc0/0x110
[ 1353.568517][T25429] Modules linked in:
[ 1353.572446][T25429] CPU: 0 PID: 25429 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1353.584215][T25429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1353.594900][T25429] RIP: 0010:kernfs_remove_by_name_ns+0xc0/0x110
[ 1353.601185][T25429] Code: 48 89 df e8 72 ee ff ff 48 89 df e8 8a b1 ff ff 31 db eb 29 e8 51 e4 9a ff 48 c7 c7 00 2f 2d 85 4c 89 fe 31 c0 e8 70 02 6d ff <0f> 0b bb fe ff ff ff eb 16 e8 32 e4 9a ff bb fe ff ff ff 48 c7 c7
[ 1353.620832][T25429] RSP: 0018:ffffc90000c17ab8 EFLAGS: 00010246
[ 1353.627081][T25429] RAX: 5f0e3464b5be5300 RBX: 0000000000000000 RCX: 0000000000040000
[ 1353.635143][T25429] RDX: ffffc90001b10000 RSI: 000000000003ffff RDI: 0000000000040000
[ 1353.643259][T25429] RBP: ffffc90000c17ad0 R08: ffffffff8153d238 R09: ffffed103ee0a5e8
[ 1353.651308][T25429] R10: ffffed103ee0a5e8 R11: 1ffff1103ee0a5e7 R12: ffffffff8653ab20
14:33:23 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r0, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x8000, @link='syz1\x00'}}}, ["", "", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x8040000}, 0x800)

14:33:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1b, 0x0, 0x8}, 0x48)

14:33:23 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xc4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x83e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf59}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa1e8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x20000040}, 0x8c1)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xc4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x83e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf59}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa1e8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x20000040}, 0x8c1) (async)

14:33:23 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16, 0x0, 0x0, 0x362}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/118, 0x76, 0x1, &(0x7f0000000040)=""/55, 0x37}, &(0x7f0000000180)=0x40)

[ 1353.659318][T25429] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff854330c0
[ 1353.667370][T25429] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1353.676418][T25429] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1353.683014][T25429] CR2: 00007f77b10bdcc0 CR3: 000000010d53c000 CR4: 00000000003506b0
[ 1353.691031][T25429] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1353.699076][T25429] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1353.707711][T25429] Call Trace:
[ 1353.711117][T25429]  sysfs_create_files+0x40a/0x4a0
14:33:23 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xc4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x83e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf59}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa1e8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x20000040}, 0x8c1)

14:33:23 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x4000002, 0x400, 0x7, 0xb08, 0x1, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x5, 0x4}, 0x48)

14:33:23 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x4000002, 0x400, 0x7, 0xb08, 0x1, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x5, 0x4}, 0x48)

14:33:23 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x4000002, 0x400, 0x7, 0xb08, 0x1, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x5, 0x4}, 0x48)

[ 1353.716412][T25429]  ? sysfs_create_file_ns+0x2a0/0x2a0
[ 1353.722205][T25429]  ? __kasan_check_write+0x14/0x20
[ 1353.727468][T25429]  ? kobject_get+0xd2/0x120
[ 1353.732103][T25429]  __device_add_disk+0x9cb/0x11d0
[ 1353.737245][T25429]  ? device_add_disk+0x40/0x40
[ 1353.742014][T25429]  ? vsprintf+0x40/0x40
[ 1353.746258][T25429]  device_add_disk+0x2a/0x40
[ 1353.750854][T25429]  loop_add+0x58f/0x760
[ 1353.755012][T25429]  loop_control_ioctl+0x564/0x740
[ 1353.760150][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.764565][T25429]  ? __fget_files+0x310/0x370
[ 1353.769544][T25429]  ? security_file_ioctl+0xb1/0xd0
[ 1353.774638][T25429]  ? loop_remove+0xb0/0xb0
[ 1353.779068][T25429]  __se_sys_ioctl+0x115/0x190
[ 1353.783742][T25429]  __x64_sys_ioctl+0x7b/0x90
[ 1353.788402][T25429]  do_syscall_64+0x34/0x70
[ 1353.792813][T25429]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1353.798735][T25429] RIP: 0033:0x7f77b238e0d9
[ 1353.803147][T25429] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1353.823469][T25429] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1353.831898][T25429] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1353.839867][T25429] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000004
[ 1353.847845][T25429] RBP: 00007f77b11011d0 R08: 0000000000000000 R09: 0000000000000000
[ 1353.855816][T25429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
14:33:23 executing program 4:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
pipe2$watch_queue(0x0, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x5421, 0x0)

14:33:23 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0), 0x5)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000010c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/4096, 0x1000, 0x1, &(0x7f0000001000)=""/183, 0xb7}, &(0x7f0000001100)=0x40)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001140), r1)

14:33:23 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x14, 0x0, 0x8}, 0x48)

[ 1353.863771][T25429] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1353.871943][T25429] ---[ end trace 36e3028cd67c66df ]---
[ 1353.877464][T25429] loop0: failed to create sysfs files for events
[ 1353.920489][T25464] ------------[ cut here ]------------
[ 1353.926100][T25464] kernfs: can not remove 'events', no directory
[ 1353.932549][T25464] WARNING: CPU: 0 PID: 25464 at fs/kernfs/dir.c:1515 kernfs_remove_by_name_ns+0xc0/0x110
[ 1353.942764][T25464] Modules linked in:
[ 1353.947221][T25464] CPU: 0 PID: 25464 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1353.959272][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1353.969658][T25464] RIP: 0010:kernfs_remove_by_name_ns+0xc0/0x110
[ 1353.976773][T25464] Code: 48 89 df e8 72 ee ff ff 48 89 df e8 8a b1 ff ff 31 db eb 29 e8 51 e4 9a ff 48 c7 c7 00 2f 2d 85 4c 89 fe 31 c0 e8 70 02 6d ff <0f> 0b bb fe ff ff ff eb 16 e8 32 e4 9a ff bb fe ff ff ff 48 c7 c7
[ 1353.997431][T25464] RSP: 0018:ffffc9000634fbf8 EFLAGS: 00010246
[ 1354.003997][T25464] RAX: cb245ba9218a0c00 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1354.012372][T25464] RDX: 0000000000000003 RSI: 0000000000003a34 RDI: 000000000001d1b0
[ 1354.020661][T25464] RBP: ffffc9000634fc10 R08: ffffffff8153d238 R09: 0000000000000e8e
[ 1354.041143][T25464] R10: 0000000080000000 R11: 1ffff1103ee04e92 R12: 0000000000000000
[ 1354.058978][T25464] R13: ffffffff8653ab20 R14: 0000000000000000 R15: ffffffff854330c0
[ 1354.076808][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 1354.099918][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1354.115388][T25464] CR2: 0000000020001fc0 CR3: 0000000115363000 CR4: 00000000003506b0
[ 1354.134417][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1354.152367][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1354.170179][T25464] Call Trace:
[ 1354.177888][T25464]  sysfs_remove_files+0xab/0x110
[ 1354.188323][T25464]  del_gendisk+0x278/0xe20
[ 1354.198248][T25464]  ? device_add_disk_no_queue_reg+0x30/0x30
[ 1354.210726][T25464]  ? __radix_tree_delete+0x2ba/0x380
[ 1354.222606][T25464]  ? radix_tree_delete_item+0x261/0x360
[ 1354.234736][T25464]  loop_remove+0x46/0xb0
[ 1354.243551][T25464]  loop_control_ioctl+0x67f/0x740
[ 1354.254118][T25464]  ? loop_remove+0xb0/0xb0
[ 1354.264084][T25464]  ? __fget_files+0x310/0x370
[ 1354.273223][T25464]  ? security_file_ioctl+0xb1/0xd0
[ 1354.283926][T25464]  ? loop_remove+0xb0/0xb0
[ 1354.293991][T25464]  __se_sys_ioctl+0x115/0x190
[ 1354.304215][T25464]  __x64_sys_ioctl+0x7b/0x90
[ 1354.313268][T25464]  do_syscall_64+0x34/0x70
[ 1354.323212][T25464]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1354.335525][T25464] RIP: 0033:0x7f77b238e0d9
[ 1354.344372][T25464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1354.364448][T25464] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1354.373165][T25464] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1354.394223][T25464] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1354.410974][T25464] RBP: 00007f77b23e9ae9 R08: 0000000000000000 R09: 0000000000000000
[ 1354.427814][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
14:33:23 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6ffb6c6458d6a516, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x2, 0x1, 0x67, 0x1ff}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x8, &(0x7f0000000180)=[{0x6, 0x0, 0xef, 0xffffffff}, {0x0, 0x0, 0x20, 0x5}, {0x7, 0x0, 0x6, 0x3}, {0x4989, 0x1, 0x2, 0x5}, {0x7, 0x9, 0x0, 0x76}, {0x7, 0x0, 0x5a, 0x2}, {0x101, 0x95, 0x1, 0x1ff}, {0x4, 0x6, 0x95, 0x1}]})
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
read$watch_queue(r0, &(0x7f00000001c0)=""/19, 0x13)

[ 1354.443506][T25464] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1354.460368][T25464] ---[ end trace 36e3028cd67c66e0 ]---
[ 1354.472429][T25464] ------------[ cut here ]------------
[ 1354.481972][T25464] kernfs: can not remove 'events_async', no directory
[ 1354.497178][T25464] WARNING: CPU: 0 PID: 25464 at fs/kernfs/dir.c:1515 kernfs_remove_by_name_ns+0xc0/0x110
[ 1354.518072][T25464] Modules linked in:
[ 1354.525335][T25464] CPU: 0 PID: 25464 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1354.550508][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1354.571586][T25464] RIP: 0010:kernfs_remove_by_name_ns+0xc0/0x110
14:33:24 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16}]}) (async)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r0, 0x400, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x8000, @link='syz1\x00'}}}, ["", "", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x8040000}, 0x800)

14:33:24 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x14, 0x2, 0x8}, 0x48)

14:33:24 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
connect$bt_sco(r0, &(0x7f0000001fc0), 0x5)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000010c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/4096, 0x1000, 0x1, &(0x7f0000001000)=""/183, 0xb7}, &(0x7f0000001100)=0x40)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001140), r1)
pipe2$watch_queue(&(0x7f00000000c0), 0x80) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0), 0x5) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000010c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/4096, 0x1000, 0x1, &(0x7f0000001000)=""/183, 0xb7}, &(0x7f0000001100)=0x40) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001140), r1) (async)

[ 1354.584505][T25464] Code: 48 89 df e8 72 ee ff ff 48 89 df e8 8a b1 ff ff 31 db eb 29 e8 51 e4 9a ff 48 c7 c7 00 2f 2d 85 4c 89 fe 31 c0 e8 70 02 6d ff <0f> 0b bb fe ff ff ff eb 16 e8 32 e4 9a ff bb fe ff ff ff 48 c7 c7
[ 1354.612071][T25464] RSP: 0018:ffffc9000634fbf8 EFLAGS: 00010246
[ 1354.618446][T25464] RAX: cb245ba9218a0c00 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1354.626738][T25464] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 1354.644908][T25464] RBP: ffffc9000634fc10 R08: ffffffff8153d238 R09: 000000000000ffff
[ 1354.663943][T25464] R10: ffffed103ee0a5e8 R11: 1ffff1103ee0a5e7 R12: 0000000000000000
[ 1354.681792][T25464] R13: ffffffff8653ab20 R14: 0000000000000000 R15: ffffffff854331a0
14:33:24 executing program 2:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x16, 0x0, 0x0, 0x362}]})
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
connect$bt_sco(r0, &(0x7f0000001fc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/118, 0x76, 0x1, &(0x7f0000000040)=""/55, 0x37}, &(0x7f0000000180)=0x40)

14:33:24 executing program 3:
pipe2$watch_queue(0x0, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x14, 0x3, 0x8}, 0x48)

14:33:24 executing program 0:
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x1c, 0x0, 0x800, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x8000)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async, rerun: 32)
connect$bt_sco(r0, &(0x7f0000001fc0), 0x5) (async, rerun: 32)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000010c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/4096, 0x1000, 0x1, &(0x7f0000001000)=""/183, 0xb7}, &(0x7f0000001100)=0x40)
socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001140), r1)

[ 1354.695526][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1354.704496][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1354.724772][T25464] CR2: 00007f30e3a30dc0 CR3: 0000000115363000 CR4: 00000000003506a0
[ 1354.734317][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
14:33:24 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x198, r0, 0x32c, 0x70bd28, 0x25dfdbfe, {}, [{{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd0d}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

[ 1354.744096][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1354.752749][T25464] Call Trace:
[ 1354.763369][T25464]  sysfs_remove_files+0xab/0x110
[ 1354.770048][T25464]  del_gendisk+0x278/0xe20
[ 1354.774496][T25464]  ? device_add_disk_no_queue_reg+0x30/0x30
[ 1354.780704][T25464]  ? __radix_tree_delete+0x2ba/0x380
[ 1354.786202][T25464]  ? radix_tree_delete_item+0x261/0x360
[ 1354.791793][T25464]  loop_remove+0x46/0xb0
[ 1354.796277][T25464]  loop_control_ioctl+0x67f/0x740
[ 1354.802820][T25464]  ? loop_remove+0xb0/0xb0
[ 1354.807570][T25464]  ? __fget_files+0x310/0x370
[ 1354.812330][T25464]  ? security_file_ioctl+0xb1/0xd0
[ 1354.817778][T25464]  ? loop_remove+0xb0/0xb0
[ 1354.822201][T25464]  __se_sys_ioctl+0x115/0x190
[ 1354.827210][T25464]  __x64_sys_ioctl+0x7b/0x90
[ 1354.831871][T25464]  do_syscall_64+0x34/0x70
[ 1354.836611][T25464]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1354.842585][T25464] RIP: 0033:0x7f77b238e0d9
14:33:24 executing program 0:
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48)
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080)
ioctl$RTC_UIE_OFF(r1, 0x7004)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x198, r0, 0x32c, 0x70bd28, 0x25dfdbfe, {}, [{{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd0d}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
bpf$MAP_CREATE(0x5, &(0x7f00000001c0), 0x48) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_open_dev$vcsu(&(0x7f0000000280), 0x3, 0x620080) (async)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x0, 0x80, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x40084}, 0x40080) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00'}) (async)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xc0, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x7}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x48000}, 0x800) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x198, r0, 0x32c, 0x70bd28, 0x25dfdbfe, {}, [{{0x8}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xd0d}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x198}, 0x1, 0x0, 0x0, 0x40000}, 0x4004) (async)

[ 1354.847443][T25464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1354.868809][T25464] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1354.877755][T25464] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1354.886007][T25464] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1354.894297][T25464] RBP: 00007f77b23e9ae9 R08: 0000000000000000 R09: 0000000000000000
[ 1354.902512][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1354.910914][T25464] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1354.919127][T25464] ---[ end trace 36e3028cd67c66e1 ]---
[ 1354.924639][T25464] ------------[ cut here ]------------
[ 1354.931013][T25464] kernfs: can not remove 'events_poll_msecs', no directory
[ 1354.938473][T25464] WARNING: CPU: 1 PID: 25464 at fs/kernfs/dir.c:1515 kernfs_remove_by_name_ns+0xc0/0x110
[ 1354.948479][T25464] Modules linked in:
[ 1354.952386][T25464] CPU: 1 PID: 25464 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1354.964373][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1354.975329][T25464] RIP: 0010:kernfs_remove_by_name_ns+0xc0/0x110
[ 1354.981754][T25464] Code: 48 89 df e8 72 ee ff ff 48 89 df e8 8a b1 ff ff 31 db eb 29 e8 51 e4 9a ff 48 c7 c7 00 2f 2d 85 4c 89 fe 31 c0 e8 70 02 6d ff <0f> 0b bb fe ff ff ff eb 16 e8 32 e4 9a ff bb fe ff ff ff 48 c7 c7
[ 1355.001580][T25464] RSP: 0018:ffffc9000634fbf8 EFLAGS: 00010246
[ 1355.007840][T25464] RAX: cb245ba9218a0c00 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1355.015979][T25464] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 1355.023954][T25464] RBP: ffffc9000634fc10 R08: ffffffff8153d238 R09: 000000000000ffff
[ 1355.032184][T25464] R10: ffffed103ee2a5e8 R11: 1ffff1103ee2a5e7 R12: 0000000000000000
[ 1355.040348][T25464] R13: ffffffff8653ab20 R14: 0000000000000000 R15: ffffffff85433200
[ 1355.048510][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1355.057647][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1355.064238][T25464] CR2: 00007f30e4e7d058 CR3: 0000000115363000 CR4: 00000000003506a0
[ 1355.072444][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1355.080606][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1355.088758][T25464] Call Trace:
[ 1355.092058][T25464]  sysfs_remove_files+0xab/0x110
[ 1355.097222][T25464]  del_gendisk+0x278/0xe20
[ 1355.101646][T25464]  ? device_add_disk_no_queue_reg+0x30/0x30
[ 1355.107758][T25464]  ? __radix_tree_delete+0x2ba/0x380
[ 1355.113050][T25464]  ? radix_tree_delete_item+0x261/0x360
[ 1355.118839][T25464]  loop_remove+0x46/0xb0
[ 1355.123087][T25464]  loop_control_ioctl+0x67f/0x740
[ 1355.128316][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.132735][T25464]  ? __fget_files+0x310/0x370
[ 1355.137640][T25464]  ? security_file_ioctl+0xb1/0xd0
[ 1355.142756][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.147385][T25464]  __se_sys_ioctl+0x115/0x190
[ 1355.152063][T25464]  __x64_sys_ioctl+0x7b/0x90
[ 1355.156868][T25464]  do_syscall_64+0x34/0x70
[ 1355.161285][T25464]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1355.167374][T25464] RIP: 0033:0x7f77b238e0d9
[ 1355.171787][T25464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1355.191630][T25464] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1355.200259][T25464] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1355.208467][T25464] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1355.216611][T25464] RBP: 00007f77b23e9ae9 R08: 0000000000000000 R09: 0000000000000000
[ 1355.224588][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1355.232794][T25464] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1355.240940][T25464] ---[ end trace 36e3028cd67c66e2 ]---
[ 1355.246649][T25464] ------------[ cut here ]------------
[ 1355.252102][T25464] kernfs: can not remove 'bdi', no directory
[ 1355.258467][T25464] WARNING: CPU: 1 PID: 25464 at fs/kernfs/dir.c:1515 kernfs_remove_by_name_ns+0xc0/0x110
[ 1355.268432][T25464] Modules linked in:
[ 1355.272333][T25464] CPU: 1 PID: 25464 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1355.284259][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1355.294516][T25464] RIP: 0010:kernfs_remove_by_name_ns+0xc0/0x110
[ 1355.300929][T25464] Code: 48 89 df e8 72 ee ff ff 48 89 df e8 8a b1 ff ff 31 db eb 29 e8 51 e4 9a ff 48 c7 c7 00 2f 2d 85 4c 89 fe 31 c0 e8 70 02 6d ff <0f> 0b bb fe ff ff ff eb 16 e8 32 e4 9a ff bb fe ff ff ff 48 c7 c7
[ 1355.320913][T25464] RSP: 0018:ffffc9000634fc18 EFLAGS: 00010246
[ 1355.327245][T25464] RAX: cb245ba9218a0c00 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1355.335217][T25464] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 1355.343438][T25464] RBP: ffffc9000634fc30 R08: ffffffff8153d238 R09: 000000000000ffff
[ 1355.351717][T25464] R10: ffffed103ee2a5e8 R11: 1ffff1103ee2a5e7 R12: 0000000000000240
[ 1355.359878][T25464] R13: ffff88810d39b030 R14: 0000000000000000 R15: ffffffff85432aa0
[ 1355.368046][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1355.377145][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1355.383728][T25464] CR2: 00007f30e4e7d058 CR3: 0000000115363000 CR4: 00000000003506a0
[ 1355.391918][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1355.400067][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1355.408209][T25464] Call Trace:
[ 1355.411498][T25464]  sysfs_remove_link+0x50/0x60
[ 1355.416477][T25464]  del_gendisk+0x7cd/0xe20
[ 1355.420894][T25464]  ? device_add_disk_no_queue_reg+0x30/0x30
[ 1355.426979][T25464]  ? __radix_tree_delete+0x2ba/0x380
[ 1355.432272][T25464]  ? radix_tree_delete_item+0x261/0x360
[ 1355.438019][T25464]  loop_remove+0x46/0xb0
[ 1355.442262][T25464]  loop_control_ioctl+0x67f/0x740
[ 1355.447471][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.451888][T25464]  ? __fget_files+0x310/0x370
[ 1355.456757][T25464]  ? security_file_ioctl+0xb1/0xd0
[ 1355.461867][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.470469][T25464]  __se_sys_ioctl+0x115/0x190
[ 1355.475192][T25464]  __x64_sys_ioctl+0x7b/0x90
[ 1355.480036][T25464]  do_syscall_64+0x34/0x70
[ 1355.484491][T25464]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1355.490595][T25464] RIP: 0033:0x7f77b238e0d9
[ 1355.495050][T25464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1355.514925][T25464] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1355.523545][T25464] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1355.531734][T25464] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1355.539998][T25464] RBP: 00007f77b23e9ae9 R08: 0000000000000000 R09: 0000000000000000
[ 1355.548166][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1355.556400][T25464] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1355.564412][T25464] ---[ end trace 36e3028cd67c66e3 ]---
[ 1355.570462][T25464] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 1355.582170][T25464] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 1355.590582][T25464] CPU: 1 PID: 25464 Comm: syz-executor.4 Tainted: G        W         5.10.153-syzkaller-00570-g673a7341bdab #0
[ 1355.602290][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 1355.612355][T25464] RIP: 0010:strlen+0x3a/0x80
[ 1355.616945][T25464] Code: c0 ff ff ff ff 49 bf 00 00 00 00 00 fc ff df 48 89 fb 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 49 89 c4 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 12 48 ff c3 49 8d 44 24 01 43 80 7c 26 01
[ 1355.636548][T25464] RSP: 0018:ffffc9000634fb68 EFLAGS: 00010246
[ 1355.642621][T25464] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1355.650589][T25464] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[ 1355.658562][T25464] RBP: ffffc9000634fb88 R08: ffffffff81d1d4bc R09: 000000000000ffff
[ 1355.666530][T25464] R10: fffff52000c69f75 R11: 1ffff92000c69f74 R12: ffffffffffffffff
[ 1355.674495][T25464] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000
[ 1355.682464][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1355.691383][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1355.697962][T25464] CR2: 00007f30e4e7d058 CR3: 0000000115363000 CR4: 00000000003506a0
[ 1355.706199][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1355.714336][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1355.722292][T25464] Call Trace:
[ 1355.725576][T25464]  kernfs_name_hash+0x21/0x240
[ 1355.730331][T25464]  kernfs_find_ns+0x72/0x280
[ 1355.734916][T25464]  kernfs_remove_by_name_ns+0x3a/0x110
[ 1355.740368][T25464]  sysfs_remove_link+0x50/0x60
[ 1355.745297][T25464]  del_gendisk+0xbe0/0xe20
[ 1355.749708][T25464]  ? device_add_disk_no_queue_reg+0x30/0x30
[ 1355.755589][T25464]  ? __radix_tree_delete+0x2ba/0x380
[ 1355.760862][T25464]  ? radix_tree_delete_item+0x261/0x360
[ 1355.766400][T25464]  loop_remove+0x46/0xb0
[ 1355.770635][T25464]  loop_control_ioctl+0x67f/0x740
[ 1355.775653][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.780064][T25464]  ? __fget_files+0x310/0x370
[ 1355.784738][T25464]  ? security_file_ioctl+0xb1/0xd0
[ 1355.789843][T25464]  ? loop_remove+0xb0/0xb0
[ 1355.794252][T25464]  __se_sys_ioctl+0x115/0x190
[ 1355.798924][T25464]  __x64_sys_ioctl+0x7b/0x90
[ 1355.803509][T25464]  do_syscall_64+0x34/0x70
[ 1355.807922][T25464]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1355.813804][T25464] RIP: 0033:0x7f77b238e0d9
[ 1355.818230][T25464] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 1355.837832][T25464] RSP: 002b:00007f77b1101168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1355.846248][T25464] RAX: ffffffffffffffda RBX: 00007f77b24adf80 RCX: 00007f77b238e0d9
[ 1355.854215][T25464] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1355.862182][T25464] RBP: 00007f77b23e9ae9 R08: 0000000000000000 R09: 0000000000000000
[ 1355.870147][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1355.878115][T25464] R13: 00007ffee61e46bf R14: 00007f77b1101300 R15: 0000000000022000
[ 1355.886078][T25464] Modules linked in:
[ 1355.892415][T25464] ---[ end trace 36e3028cd67c66e4 ]---
[ 1355.897973][T25464] RIP: 0010:strlen+0x3a/0x80
[ 1355.902598][T25464] Code: c0 ff ff ff ff 49 bf 00 00 00 00 00 fc ff df 48 89 fb 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 49 89 c4 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 12 48 ff c3 49 8d 44 24 01 43 80 7c 26 01
[ 1355.922540][T25464] RSP: 0018:ffffc9000634fb68 EFLAGS: 00010246
[ 1355.928823][T25464] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810fb04f00
[ 1355.937080][T25464] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[ 1355.945091][T25464] RBP: ffffc9000634fb88 R08: ffffffff81d1d4bc R09: 000000000000ffff
[ 1355.953352][T25464] R10: fffff52000c69f75 R11: 1ffff92000c69f74 R12: ffffffffffffffff
[ 1355.962018][T25464] R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000
[ 1355.970597][T25464] FS:  00007f77b1101700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1355.979867][T25464] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1355.986685][T25464] CR2: 00007f30e4e7d058 CR3: 0000000115363000 CR4: 00000000003506a0
[ 1355.994747][T25464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1356.003293][T25464] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1356.011507][T25464] Kernel panic - not syncing: Fatal exception
[ 1356.017707][T25464] Kernel Offset: disabled
[ 1356.022017][T25464] Rebooting in 86400 seconds..